711 Chief Security Officer jobs in Malaysia

Divisional Manager - Technology | Banking & Financial Services | Executive Search | C-Suite - CIO/CTO/CISO/CPO/CDO

Main Duties & Responsibilities:

• Define and execute the information security strategy aligned with group policies and regulatory requirements.
• Lead the development of security architecture, frameworks, and governance models.
• Oversee risk assessments, threat modeling, and vulnerability management.
• Ensure compliance with local and international banking regulations.
• Manage internal and external audits, and respond to regulatory inquiries.
• Collaborate with business units, IT, legal, and compliance teams to embed security into operations.
• Provide regular updates to senior leadership and board-level committees.
• Build and lead a high-performing cybersecurity team across multiple locations.
• Drive continuous training, awareness, and development programs

• Bachelor’s or Master’s degree in Information Security, Computer Science, or related field.
• Minimum 10-15 years of experience in cybersecurity, with at least 5 years in a leadership role.
• Proven experience in banking or financial services, preferably within a shared services or regional setup.
• Professional certifications such as CISSP, CISM or CRISC.
• Strong understanding of regulatory frameworks (BNM RMiT, ISO 27001, NIST, etc.).
• Excellent communication, stakeholder management, and crisis leadership skills.

To apply, please click "APPLY NOW" or email Moon Thai at Data provided is for recruitment purposes only.

Due to the volume of applications received, we regret to inform you that only shortlisted candidates will be notified.

JTK Number: JTKSM 995 | Company Registration Number: -T)

Note: If this job isn’t quite right for you, but you know someone who would be great at this role, there is a referral scheme. We offer MYR500 in shopping vouchers for every referred candidate who we place in a role. Terms & Conditions Apply.

• Director

• Full-time

• Management, Information Technology, and Strategy/Planning

• Banking, Financial Services, and Technology, Information and Media

Get notified about new Chief Information Security Officer jobs in Greater Kuala Lumpur.

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

This role leads the development and execution of cyber risk treatment plans, crisis management exercises, and regulatory compliance for a major financial institution. It builds strong stakeholder relationships and drives a proactive cyber risk culture to protect the organisation's operations and reputation.

Client Details

Our client is a leading financial services group with a strong regional footprint, committed to upholding the highest standards of cyber security and operational resilience.

Description

As Head of Cyber Risk & Resilience (CISO), you will drive the development and execution of risk treatment plans in partnership with business and technology teams. You will:

• Lead the identification, prioritisation, and remediation of cyber risks, adapting to emerging threats and ensuring timely action on issues impacting the organisation's cyber risk profile.
• Coordinate cyber crisis management exercises, enhance response and recovery capabilities, and maintain up-to-date playbooks and workarounds.
• Oversee all ICS-related regulatory requests, self-assessments, and audit certifications (e.g., SWIFT, PCI-DSS, ISO 27001), ensuring compliance and robust control environments.
• Build and sustain strong relationships with internal stakeholders and regulators, fostering a culture of cyber risk awareness and delivering key management metrics and scorecards.

Profile

You will have:

• 10+ years' experience in cyber risk management, resilience, or information security, ideally within financial services or regulated industries.
• Proven track record in developing and executing risk treatment plans and managing regulatory audits.
• Strong crisis management, stakeholder engagement, and communication skills.
• Experience with industry standards and frameworks (e.g., SWIFT, PCI-DSS, ISO

Job Offer

• Competitive salary ranging from MYR 396,000 to MYR 484,000 per annum.
• Comprehensive benefits package, including healthcare and retirement plans.
• Generous holiday allowance to promote work-life balance.
• Opportunities for professional growth and development.
• A collaborative and inclusive company culture.

If you are passionate about information security and ready to make a significant impact within the financial services industry in Kuala Lumpur, we encourage you to apply today.

To apply online please click the 'Apply' button. For a confidential discussion about this role please contact Tania Mustafa (Lic No: R / EA No.: 18C9065) on Michael Page International Pte Limited, company number N (including Page Executive A) and Page Personnel Recruitment Pte Ltd (Registration Number: C)) operates under the EA Licence Numbers of 18S9099 and 18C9065.

Main Duties & Responsibilities:

• Define and execute the information security strategy aligned with group policies and regulatory requirements.
• Lead the development of security architecture, frameworks, and governance models.
• Oversee risk assessments, threat modeling, and vulnerability management.
• Ensure compliance with local and international banking regulations.
• Manage internal and external audits, and respond to regulatory inquiries.
• Collaborate with business units, IT, legal, and compliance teams to embed security into operations.
• Provide regular updates to senior leadership and board-level committees.
• Build and lead a high-performing cybersecurity team across multiple locations.
• Drive continuous training, awareness, and development programs

Candidate Profile:

• Bachelor's or Master's degree in Information Security, Computer Science, or related field.
• Minimum 10-15 years of experience in cybersecurity, with at least 5 years in a leadership role.
• Proven experience in banking or financial services, preferably within a shared services or regional setup.
• Professional certifications such as CISSP, CISM or CRISC.
• Strong understanding of regulatory frameworks (BNM RMiT, ISO 27001, NIST, etc.).
• Excellent communication, stakeholder management, and crisis leadership skills.

How to Apply?

To apply, please click "APPLY NOW" or email Moon Thai at Data provided is for recruitment purposes only.

Due to the volume of applications received, we regret to inform you that only shortlisted candidates will be notified.

JTK Number: JTKSM 995 | Company Registration Number: T)

If this job isn't quite right for you, but you know someone who would be great at this role, why not take advantage of our referral scheme? We offer MYR500 in shopping vouchers for every referred candidate who we place in a role. Terms & Conditions Apply.

Chief Information Security Officer (CISO)

This role leads the development and execution of cyber risk treatment plans, crisis management exercises, and regulatory compliance for a major financial institution. It builds strong stakeholder relationships and drives a proactive cyber risk culture to protect the organisation's operations and reputation.

Our client is a leading financial services group with a strong regional footprint, committed to upholding the highest standards of cyber security and operational resilience.

As Head of Cyber Risk & Resilience (CISO), you will drive the development and execution of risk treatment plans in partnership with business and technology teams. You will:

• Lead the identification, prioritisation, and remediation of cyber risks, adapting to emerging threats and ensuring timely action on issues impacting the organisation's cyber risk profile.
• Coordinate cyber crisis management exercises, enhance response and recovery capabilities, and maintain up-to-date playbooks and workarounds.
• Oversee all ICS-related regulatory requests, self-assessments, and audit certifications (e.g., SWIFT, PCI-DSS, ISO 27001), ensuring compliance and robust control environments.
• Build and sustain strong relationships with internal stakeholders and regulators, fostering a culture of cyber risk awareness and delivering key management metrics and scorecards.

You will have:

• 10+ years' experience in cyber risk management, resilience, or information security, ideally within financial services or regulated industries.
• Proven track record in developing and executing risk treatment plans and managing regulatory audits.
• Strong crisis management, stakeholder engagement, and communication skills.
• Experience with industry standards and frameworks (e.g., SWIFT, PCI-DSS, ISO 27001).

• Competitive salary ranging from MYR 396,000 to MYR 484,000 per annum.
• Comprehensive benefits package, including healthcare and retirement plans.
• Generous holiday allowance to promote work-life balance.
• Opportunities for professional growth and development.
• A collaborative and inclusive company culture.

If you are passionate about information security and ready to make a significant impact within the financial services industry in Kuala Lumpur, we encourage you to apply today.

Michael Page International is a leading professional recruitment consultancy specialising in the recruitment of permanent, contract and temporary positions on behalf of the world’s top employers. We have over 40 years in the recruitment market and a network spanning 36 countries.

Entity:
Technology

Job Family Group:
IT&S Group

Job Description:
Technology is making a difference in bp's plans to invest in today's energy system and help build tomorrow's. As an expert community of science, safety and security, as well as digital specialists, our aim is to advance and protect bp. We use our expertise to help improve efficiency, increase effectiveness and harness the transformational potential of digital technologies to deliver value.

Our purpose is to deliver energy to the world, today and tomorrow. For over 100 years, bp has focused on discovering, developing, and producing oil and gas in the nations where we operate. We are one of the few companies globally that can provide governments and customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner

You will work with

The Operational Technology (OT) Security Lead is part of our global OT Security Solutions team.

This team secures bp's process control networks and operational technology (OT) systems. We work with business teams to protect critical physical systems to frontline operations. We design and enforce security controls and collaborate with site teams to ensure smooth operation of those controls

Let me tell you about the role

The Operational Security Solutions Lead will be responsible for the development and deployment of security solutions. . You will develop detailed solutions, operational processes and procedures, train junior staff, and identify or develop automated processes to simplify the service.

What You'll Do

• Design, configuration, and delivery of security solutions for ICS systems.
• Support cybersecurity assessments and risk analysis for OT environments.
• Review industrial network traffic and control system behavior.
• Collaborate with IT and OT teams to implement security best practices.
• Document system configurations, network diagrams, and incident response procedures.
• Learn and apply industry standards such as NIST SP and ISA/IEC 62443.

What We're Looking For

• Bachelor's degree in Electrical Engineering, Industrial Automation, or related field.
• Familiarity with PLCs, SCADA systems, and industrial protocols (e.g., Modbus, DNP3, OPC).
• Understanding of engineering and operational procedures, utilized at industrial facilities within the OT domain.
• Familiarity with main stream industrial control system vendor solutions and the architectures – Honeywell, ABB, Emerson, Rockwell.
• Basic understanding of networking (TCP/IP, VLANs, firewalls).
• Interest in cybersecurity principles and threat landscapes in OT environments.
• Strong problem-solving skills and a willingness to learn.
• Effective communication and teamwork abilities.

Nice to Have

• Project and design experience in ICS and/or cybersecurity.
• Exposure to tools like MDIoT, Sentinel, Wireshark, Nessus, or Splunk.
• Knowledge of data analysis and scripting (KQL, Python, PowerShell, or Bash).

Why join our team?

At bp, we provide an excellent working environment and employee benefits such as an open and inclusive culture, a great work-life balance, tremendous learning and development opportunities to craft your career path, life and health insurance, medical care package and many others.

We support our people to learn and grow in a diverse and challenging environment. We believe that our team is strengthened by diversity. We are committed to crafting an inclusive environment in which everyone is respected and treated fairly.

There are many aspects of our employees' lives that are meaningful, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, collaboration spaces in a modern office environment, and many others benefits.

Reinvent your career as you help our business meet the challenges of the future.

Apply now

Travel Requirement
No travel is expected with this role

Relocation Assistance:
This role is not eligible for relocation

Remote Type:
This position is a hybrid of office/remote working

Skills:
Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism

Legal Disclaimer:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.

Human Security Risk Management Lead page is loadedHuman Security Risk Management Lead Apply locations Kuala Lumpur, Malaysia posted on Posted 30+ Days Ago job requisition id

ABOUT US

We’re the world’s leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value – across borders, through cities and overseas. No other organisation can address the scale, precision, pace and trust that this demands, and we’re proud to support the global economy.

We’re unique too. We were established to find a better way for the global financial community to move value – a reliable, safe and secure approach that the community can trust, completely. We’re always striving to be better and are constantly evolving in an ever-changing landscape, without undermining that trust. Five decades on, our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently, test exhaustively, then implement fast. In a connected and exciting era, our mission has never been more relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions.

What to expect

In this role, you will:

• Develop, implement and ensure that our Human Security Risk Management (HSRM) program communicates, promotes and reinforces our strong security culture, policies and requirements globally across all levels of the organization.
• Ensure that our global HSRM program meets all company policies, industry regulations, standards, and compliance requirements on cyber and physical security.
• Stay abreast of latest cybersecurity threats and industry trends on HSRM, continuously evolving training content to address emerging risks, compliance requirements and employee learning preferences.
• Champion a forward-thinking HSRM awareness and training strategy that not only addresses current risk but anticipates future challenges.
• Oversee the end-to-end development, execution and continuous improvement of a variety of high-quality, engaging, up-to-date and informational security awareness training materials including e-learning modules, videos, infographics, articles, newsletters, workshops, presentations, and events, etc., that are relevant to the current threat landscape and delivered on a timely basis,
• Identify key areas of human, cyber and physical security risks within the organization and develop targeted training materials to address threats.
• Lead the roll-out and management of HSRM awareness initiatives across multiple regions, ensuring cultural relevance for diverse global teams.
• Measure, monitor, and assess the effectiveness and efficiency of the HSRM program and trainings through feedback, surveys, performance metrics, and analytics, making improvements as needed to ensure continuous optimization and measurable reductions in security incidents.
• Identify and provide regular reporting to senior leadership and global stakeholders, including auditors and regulators, on the top human security risks to our organization and the behaviors that need to change to mitigate risks, through clear metrics.
• Collaborate with leadership and different cross-functional global teams to ensure alignment of HSRM awareness initiatives with overall company objectives.
• Collaborate with subject matter experts to ensure accuracy, relevance, successful delivery, and effectiveness of HSRM content.
• Develop and maintain HSRM awareness policies, procedures, and guidelines.
• Participate in audits and assessments to meet governance and compliance requirements.
• Lead and coach team of HSRM personnel, encouraging collaboration and creativity, managing performance by setting and measuring against clear objectives that deliver to the highest quality levels and in line with applicable controls.
• As the most senior Global Security personnel at the Kuala Lumpur office, manage and mentor junior members of Global Security teams on site.
• As needed, at the direction of global leadership provide ad-hoc operational support and deployments.

Skills and Experience

• Exceptional written and verbal communication skills, and proven ability to translate security and risk to all levels of the business, using clear and concise language, and engaging and creative methods.
• Strong leadership and management skills, and ability to motivate and inspire the team.
• High level of professionalism, integrity, and ethics.
• Experience reporting to senior management on HSRM metrics, risk management, and governance.
• Proven ability to form complex ‘communications / messages’ in a simple, clear, and concise manner to the various communities within our organization. This can include different cultures, nationalities, international locations, and languages.
• Display practical knowledge of different message distribution techniques to ensure end user communities understand and continually apply the required behavioral change necessary to reduce the ‘human factors’ risk.
• Real doer/delivery oriented: making things happen. Enthusiastic and dynamic individual willing to "roll up the sleeves" and contribute to the overall objectives and deliverables of the team
• Proficient in using Learning Management Systems (LMS), and security awareness and training tools.
• Strong project management experience with proven ability to plan, manage, prioritize, communicate, and maintain multiple complex, organization-wide programs and initiatives over long term, including co-ordinating the activities of matrixed teams, in a fast-paced environment.
• Strong collaborator with excellent interpersonal skills, adept at fostering positive relationships with a variety of people in Global Security, IT, Legal compliance, HR, Corporate Communications, and other departments in the business, building trust and rapport.
• Fluent in English (spoken and written)

Preferred qualifications:

• Bachelor’s degree or equivalent experience in Information Security, Education, Communications, or a related field.
• Minimum 8+ years of proven experience in content development, instructional design, or a similar role, preferably in IT/cyber security and/or risk management with a significant focus on security awareness and training at an enterprise scale.
• At least 7 years of management experience, managing large, complex security awareness programs.
• Strong understanding of information security and HSRM principles and frameworks.
• Certification in Information Security (e.g., CISSP, CISM) or Instructional Design (e.g., CPLP) is a plus.
• Experience in highly regulated environments, especially in the financial services industry is highly preferred.

What will make you successful?

• Staying up to date with the latest trends and developments in information security and incorporate them into training materials.
• Customer oriented and quality-oriented attitude.
• Open-minded, curious, creative problem solver and solutions oriented.
• Adaptability and responsive to change.
• Pro-active, open, and trusted teammate.
• Excellent English communication skills (both spoken and written).
• Experience in a global organization in the financial services industry.
• Ability to operate in a fast-paced, ever-evolving technological landscape.

What we offer

We put you in control of career

We give you a competitive package

We help you perform at your best

We help you make a difference

We give you the freedom to be yourself

We give you the freedom to be yourself. We are creating an environment of unique individuals – like you – with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone’s voice counts and where you can reach your full potential.

If you believe you require a reasonable accommodation to participate in the job application or interview process, please contact us to request accommodation.

Don’t meet every single requirement? At Swift, we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.

Swift doesn’t stand still. We are constantly evolving and tirelessly innovating. Working at the intersection of finance and technology is a very exciting place to be right now.

Swift is transforming cross-border payments, making them faster and more transparent than ever before. We are the way the world moves value — every instant of every day, in almost every country.

We are proud that what we do has a critical impact on the global financial community and touches almost every aspect of the financial world. So, what you do at Swift has real impact too — an impact that matters every day. Which is why you matter to us.

Joining Swift gives you unparalleled exposure to knowledge, expertise and technologies. If you have what it takes, you’ll be able to take on different career paths and have the opportunity to work in teams, departments and disciplines in countries around the world.

Swift is unique. There is no other organisation like ours in the world driving the long-term future of the financial ecosystem. You’ll be surrounded by bright, customer-focused and intellectually curious people in a collaborative, friendly, open and inclusive environment.

At Swift we are trusted every instant. Everything we do has an impact that matters. And as a member of our team, you are trusted to make your impact every day.

Interested in working at Swift, but the role you are looking for is not available yet? Please create an account and register for a Job Alert and we will let you know when new jobs matching your career interests become available.

About Us
We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value – across borders, through cities and overseas. No other organisation can address the scale, precision, pace and trust that this demands, and we're proud to support the global economy.

We're unique too. We were established to find a better way for the global financial community to move value – a reliable, safe and secure approach that the community can trust, completely. We're always striving to be better and are constantly evolving in an ever-changing landscape, without undermining that trust. Five decades on, our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently, test exhaustively, then implement fast. In a connected and exciting era, our mission has never been more relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions.

What To Expect
In this role, you will:

• Develop, implement and ensure that our Human Security Risk Management (HSRM) program communicates, promotes and reinforces our strong security culture, policies and requirements globally across all levels of the organization.
• Ensure that our global HSRM program meets all company policies, industry regulations, standards, and compliance requirements on cyber and physical security.
• Stay abreast of latest cybersecurity threats and industry trends on HSRM, continuously evolving training content to address emerging risks, compliance requirements and employee learning preferences.
• Champion a forward-thinking HSRM awareness and training strategy that not only addresses current risk but anticipates future challenges.
• Oversee the end-to-end development, execution and continuous improvement of a variety of high-quality, engaging, up-to-date and informational security awareness training materials including e-learning modules, videos, infographics, articles, newsletters, workshops, presentations, and events, etc., that are relevant to the current threat landscape and delivered on a timely basis,
• Identify key areas of human, cyber and physical security risks within the organization and develop targeted training materials to address threats.
• Lead the roll-out and management of HSRM awareness initiatives across multiple regions, ensuring cultural relevance for diverse global teams.
• Measure, monitor, and assess the effectiveness and efficiency of the HSRM program and trainings through feedback, surveys, performance metrics, and analytics, making improvements as needed to ensure continuous optimization and measurable reductions in security incidents.
• Identify and provide regular reporting to senior leadership and global stakeholders, including auditors and regulators, on the top human security risks to our organization and the behaviors that need to change to mitigate risks, through clear metrics.
• Collaborate with leadership and different cross-functional global teams to ensure alignment of HSRM awareness initiatives with overall company objectives.
• Collaborate with subject matter experts to ensure accuracy, relevance, successful delivery, and effectiveness of HSRM content.
• Develop and maintain HSRM awareness policies, procedures, and guidelines.
• Participate in audits and assessments to meet governance and compliance requirements.
• Lead and coach team of HSRM personnel, encouraging collaboration and creativity, managing performance by setting and measuring against clear objectives that deliver to the highest quality levels and in line with applicable controls.
• As the most senior Global Security personnel at the Kuala Lumpur office, manage and mentor junior members of Global Security teams on site.
• As needed, at the direction of global leadership provide ad-hoc operational support and deployments.

Skills And Experience

• Exceptional written and verbal communication skills, and proven ability to translate security and risk to all levels of the business, using clear and concise language, and engaging and creative methods.
• Strong leadership and management skills, and ability to motivate and inspire the team.
• High level of professionalism, integrity, and ethics.
• Experience reporting to senior management on HSRM metrics, risk management, and governance.
• Proven ability to form complex 'communications / messages' in a simple, clear, and concise manner to the various communities within our organization. This can include different cultures, nationalities, international locations, and languages.
• Display practical knowledge of different message distribution techniques to ensure end user communities understand and continually apply the required behavioral change necessary to reduce the 'human factors' risk.
• Real doer/delivery oriented: making things happen. Enthusiastic and dynamic individual willing to "roll up the sleeves" and contribute to the overall objectives and deliverables of the team
• Proficient in using Learning Management Systems (LMS), and security awareness and training tools.
• Strong project management experience with proven ability to plan, manage, prioritize, communicate, and maintain multiple complex, organization-wide programs and initiatives over long term, including co-ordinating the activities of matrixed teams, in a fast-paced environment.
• Strong collaborator with excellent interpersonal skills, adept at fostering positive relationships with a variety of people in Global Security, IT, Legal compliance, HR, Corporate Communications, and other departments in the business, building trust and rapport.
• Fluent in English (spoken and written)

Preferred qualifications:

• Bachelor's degree or equivalent experience in Information Security, Education, Communications, or a related field.
• Minimum 8+ years of proven experience in content development, instructional design, or a similar role, preferably in IT/cyber security and/or risk management with a significant focus on security awareness and training at an enterprise scale.
• At least 7 years of management experience, managing large, complex security awareness programs.
• Strong understanding of information security and HSRM principles and frameworks.
• Certification in Information Security (e.g., CISSP, CISM) or Instructional Design (e.g., CPLP) is a plus.
• Experience in highly regulated environments, especially in the financial services industry is highly preferred.

What will make you successful?

• Staying up to date with the latest trends and developments in information security and incorporate them into training materials.
• Customer oriented and quality-oriented attitude.
• Open-minded, curious, creative problem solver and solutions oriented.
• Adaptability and responsive to change.
• Pro-active, open, and trusted teammate.
• Excellent English communication skills (both spoken and written).
• Experience in a global organization in the financial services industry.
• Ability to operate in a fast-paced, ever-evolving technological landscape.

What We Offer
We put you in control of career

We give you a competitive package

We help you perform at your best

We help you make a difference

We give you the freedom to be yourself

We give you the freedom to be yourself. We are creating an environment of unique individuals – like you – with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone's voice counts and where you can reach your full potential.
If you believe you require a reasonable accommodation to participate in the job application or interview process, please contact us to request accommodation.
Don't meet every single requirement? At Swift, we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.