Head of Cyber Security Governance and Compliance

Head of Cyber Security

The Job

• The position holder is responsible to direct and enforce mitigation strategies to reduce Dialog Group’s attack surface and ultimately reduce and maintain the risk exposure of the organisation within acceptable limits
• Responsible in assisting Axiata and Dialog senior management in formulating the cyber security strategy across Dialog and Axiata group and will be responsible to ensure that Dialog is adequately protected and resilient against cyber threats and attacks
• Responsible to architect proactive defense mechanisms to mitigate cyber-attacks and be the focal point for cyber defense and information risk related matters
• Accountable for planning, designing and improving information security across Dialog and its subsidiaries
• Provide senior expertise and thought leadership for other experts in the information/cyber security domain
• Ensure the design of Cyber Security detection and protection is always in operation
• Establish TVM functional processes and Group Security Operations Center interactions
• Coordinate with external stake holders, consultants and Axiata group and OPCOs Cyber security teams to maintain an accurate cyber security platform
• Present findings on cyber security related incidents and overall status of cyber hygiene to Cyber Security Steering Committee
• Direct the enterprise security roadmap for Dialog Group in collaboration with Axiata
• Identify root cause analysis for outages that may have security implications and disrupt operations
• Coordinate with project stakeholders and advice on evaluating information security related risks
• Drive privacy related initiatives to be incorporated into the Cyber security program
• Address supplier shortages and performance issues within the supply chain to increase process efficiency and effectiveness
• Design information security processors for required areas of work to assure mechanism are in place
• Communicate with end users on existing cyber security policy’s, new changers, new and emerging threats to the organization and educate them of the importance of adherence
• Responsible for electronic Information protection, to prevent internal information from being disclosed
• Performing activities as per Infosec Calendar, risk register and Infosec related activities
• Establish succession planning, and track the progress of employee’s carrier development goals
• Budgeting and capacity planning for deployed and proposed projects
• Interface to resolve issues between business requirements and security requirements