Job Summary :
A Systems Compliance Administrator serves as an active participant in the information security governance process to ensure that company is conducting its business in full compliance with Information Security Policy and Standard. You will be required to understand the business unit key assets and processes, identify and evaluate risks and controls, and suggest incremental controls or risk mitigation strategies where necessary to improve the information security posture.
Job Responsibilities :
- Systems compliance and cybersecurity support – Monitor, analyze, and respond to real-time alerts from Security Operation Center (SOC) and Endpoint Security Systems. Collaborate with internal support teams and vendors to carry out cybersecurity exercises and activities such as penetration testing and vulnerability assessments.
- IT Policy and Compliance – Ensure all IT infrastructure, applications and processes align and comply with the Group IT policy and any relevant regulatory requirements. Develop, evaluate implement and update the Group IT Policy, relevant SOPs and other compliance documentation.
- IT Audit – Participate in the security assessment questionnaire, internal/external security audits exercise, monitor and track any required resolution to audit findings within the agreed timeline.
- SLA – Cybersecurity Incident and Service Request cases resolution.
- Bachelor’s degree in computer science (or related area) preferred.
- At least 3 Year(s) of working experience in the related field.
- Knowledge in Risk Management is an advantage.
- Knowledge in PCI DSS/ ISO 27001/ SOC 2 Standards is an advantage.
- Knowledge of technical infrastructure network, databases, systems and endpoint security.
- Experience in developing, documenting and maintaining security procedures, technical documentation and/or process documentation.
- Good comprehension of IT Compliance functions and guidelines.
- Good written and verbal communication skills.
- Critical thinking and attention to detail.
- Must be organized and have the ability to manage projects of varying length.
- Positive, self-motivated individual who can complete tasks independently.
- Enthusiasm for continuous learning, as well as being able to contribute to team development.
- Team player who can perform under pressure and tight deadlines
- Willing to take the initiative, listen, learn and respond positively to challenges and criticism. And could provide constructive feedback and contribution to the discussion.
- Experience in the automotive industry is an added advantage.
* Only shortlisted candidates will be notified.
|Job Category||Information Technology|
|PDPA||The Personal Data Protection Act 2010 (hereinafter referred to as “the Act”), which regulates the processing of personal data in commercial transactions, applies to Tan Chong Motor Holdings Berhad (“TCMH”), Warisan TC Holdings Berhad (“WTCH”) and APM Automotive Holdings Berhad (“APM”) and their respective subsidiaries (collectively referred to as “the Group” or “our”, “us” or “we”). For the purposes of this Notice, the terms “personal data” and “processing” shall have the same meaning as prescribed in the Act. 1. The Group respects the privacy of your personal data and is committed in ensuring the confidentiality, protection, security and accuracy of your personal data made available to us. This written notice serves to inform you the purposes prescribed in paragraph 3 of this Notice that your personal data are being processed, by or on behalf of the Group in connection with your application for employment and, if applicable, your terms of employment with the Group. 2. The personal data processed by us may include name, national registration identity card number, contact number, address and photograph(s) including your sensitive personal data such as your religion, health condition and criminal record (if any), provided by you in the documents as prescribed in paragraph 4 of this Notice. 3. We are processing your personal data, including any additional information you may subsequently provide, for the following purposes (“Purposes”): (a) processing your application for employment with us; (b) assessing your application and your suitability as our employee; (c) performing your contract of service with us; (d) personnel administration; (e) training, personal development and management purposes; (f) providing you benefits as our employee including insurance cover; (g) conducting our internal activities, market surveys, trend analysis research, salary surveys and auditing; (h) conducting analytics and providing the same to governmental bodies and other agencies; (i) facilitating or enabling any checks that we conduct or by any third party or by credit reporting agency on you from time to time; (j) corporate exercise undertaken by us; (k) performing such other contracts as you may have entered with us; or such other purposes as may be related to the foregoing. 4. The personal data processed by us include all information contained in our Employment Application forms as well as other information we may obtain about you, including but not limited to from oral or written communications, documentation relating to training and development and all other employment related forms. 5. You may access and request for updating and correction of your personal data and to contact us with any enquiries or complaints in respect of your personal data as follows: Designation of the Contact Person : Group Human Resources or your HR representatives Telephone No. : 03-2788 3177 E-mail address : firstname.lastname@example.org In accordance with the PDPA, we may refuse to comply with your request for access or correction to your personal data and if we refuse to comply with such request, we will inform you of our refusal and reason for our refusal. 6. Your personal data may be disclosed to companies within the Group (including the Group and any subsidiaries, associated, related and affiliated companies of members of the Group), business partners, all governmental and/or quasi-governmental departments and/or agencies, regulatory and/or statutory bodies, such as but not limited to the Inland Revenue Board, the Employees’ Provident Fund Board, the Social Security Organisation and Bank Negara Malaysia, any healthcare professionals or hospitals, our auditors, our banks, business partners and/or service providers and any other third party that you have requested or authorized us to disclose your personal data for the above purposes or any other purposes directly related to any of the Purposes. 7. It is obligatory that you supply us with all the information described in the Employment Application Form and any other employment related forms. If you fail to supply the said information, we will be unable to consider your application. 8. Your personal data may be transferred to a place outside Malaysia. 9. You are responsible for ensuring that the personal data you provide us is accurate, complete and not misleading and that such personal data is kept up to date. 10. We may request your assistance to procure the consent of third parties whose personal data is provided by you to us and you agree to use your best endeavours to do so. 11. In the case of an application for employment with us, if your application is unsuccessful, we will keep your information for a reasonable period in accordance with legal requirements and for our own administration purposes. We or our business partners may also contact you if other job opportunities arise in the future. 12. In the event of any inconsistency between the English version and the Bahasa Malaysia version of this notice, the English version shall prevail over the Bahasa Malaysia version.|