Assistant Vice President, Security Engineering

JOB PURPOSE:

• Oversees and manages the design, implementation, enhancement and maintenance of the Bank’s cybersecurity engineering and security infrastructure to ensure confidentiality, integrity, availability and resilience of critical systems and data in compliance with regulatory and internal security policies.
• Drive and execute security engineering strategy (budgeting, resource planning, technology assessment, architecture governance and regulatory alignment) in line with the Bank’s IT and business objectives.
• Proactively strengthen the Bank’s security posture by implementing preventive, detective and responsive security controls with minimal disruption to business operations and in accordance with agreed service levels and risk appetite.
  
  

KEY RESPONSIBILITIES:

System Architecture & Engineering

• Define and communicate, at architecture and design level, secure technical solutions aligned with business objective, regulatory and technology standards.
• Provide direction to ensure all technology implementations adhere to the Bank’s security architecture principles and cybersecurity framework.
• Lead the evaluation, design and deployment of security technologies.
• Review and approve security designs, hardening standards and configuration baselines.

Functional

• Responsible for engineering, administration and continuous improvement of enterprise security infrastructure.
• Ensure secure configuration, patching, vulnerability remediation and lifecycle management of security platforms.
• Perform security assessment on new systems, application and infrastructure changes.
• Provide technical advisory and hands-on support for complex security issues.

People and Talent

• Provide leadership, coaching and technical guidance to security engineers and analysts.
• Manage stakeholders across Technology, Risk, Compliance, Audit and Business Units.
• Build team capability through knowledge sharing and succession planning.
• Drive a security-first culture across IT and project teams.

Risk Management

• Identify, assess, escalate, mitigate and track cybersecurity risks and control gaps.
• Ensure timely remediation of vulnerabilities, audit findings and regulatory observations.
• Support regulatory compliance requirements (e.g., BNM, RMiT, PDPA, PCI-DSS where applicable).

Governance Management

• Act as Gatekeeper for security solution delivery ensuring compliance with security policies, standards and regulatory requirements.
• Establish and maintain security engineering SOPs, standards and technical guidelines.
• Ensure documentation, audit trails and evidence are maintained for compliance reviews.

Incident Management

• Provide L3 security engineering support during major security incidents and cyber threats.
• Lead containment, eradication and recovery efforts for security infrastructure-related incidents.
• Ensure incidents are handled within agreed SLA and regulatory reporting timelines.
• Escalate critical cybersecurity incidents to CISO and Senior Management as required.

Change Management

• Draft implementation steps, rollback plans and risk assessments for security changes (break-fix & non-break-fix).
• Ensure changes are implemented in accordance with change governance and without adverse business impact.

Problem Management:

• Work with other support towers to identify the root cause and perform technical root cause analysis (RCA) for security incidents.
• Drive permanent remediation and control improvements identified during RCA.
• Implement preventive measures to reduce recurring security events and operational risks.

Technologies and Strategy management

• Continuously assess emerging cybersecurity threats and technologies.
• Conduct product comparison, proof-of-concept (POC) and technical evaluation for new security solutions.
• Develop security roadmap aligned with Bank’s digital transformation strategy.
  
  

Sub-Team Lead (Security Engineering)

• Lead Security Engineering sub-team and manage day-to-day operational priorities.
• Oversee vendor and managed security service providers performance.
• Ensure SLA, KPI and operational metrics are monitored and reported to management.

EXPERIENCE/KNOWLEDGE REQUIRED:

Qualifications

• Degree in Computer Science or Information Security, Information Technology or related discipline.
• Professional certifications preferred (e.g., CISSP, CISM, CCSP, CEH, Security+ or equivalent security certification).

Skills

• Strong analytical, troubleshooting and problem-solving skills with the ability to perform under pressure.
• Strong stakeholder, vendor and project management capability across Technology, Risk and Business units.
• Good verbal and written communication skills, including preparation of technical and management reports.
• Ability to translate technical security risks into business impact and provide risk-based recommendations.
• Proactive mindset with strong ownership, leadership and security advisory capability.

Knowledge

• Good understanding of cybersecurity frameworks, standards and regulatory expectations (e.g., BNM, RMiT, ISO27001, NIST)
• Hands-on knowledge of security technologies such as WAF, EDR/XDR, SIEM, DLP, PAM, encryption and vulnerability management solutions.
• Knowledge of network security concepts (segmentation, VPN, NAC, secure architecture and zero-trust principles).
• Familiarity with cloud security (e.g., Microsoft 365, Azure/AWS security controls, identity protection and access management).
• Understanding of security hardening, patch management and secure configuration baseline practices.
• Awareness of cyber threats, attack techniques and defensive security controls.
• Knowledge of incident response, threat containment and root cause analysis processes.
• Understanding of audit, compliance and risk management practices within banking environment.

Experience

• Minimum 7-10 years of working experience in IT Security / Cybersecurity / Security Engineering / Security Operations within financial services or regulated environment.
• Experience implementing or managing enterprise security platforms (e.g., SIEM, endpoint security, email security, network security, privileged access management).
• Experience performing security review or assessment for new systems, projects and infrastructure changes.
• Experience engaging auditors, regulators or risk management teams and handling audit findings or remediation.
• Experience in change management, documentation and operational procedures (SOP, standards and technical guidelines).
• Exposure to cloud security, digital banking systems or internet-facing banking services is an added advantage.