Assistant Manager - Audit & Regulatory Support

• Feb 2023 - Present

Lead Specialist - Audit & Regulatory Support

• Feb 2021 - Present

• Working with external auditors, Group Internal Audit (GIA) and Business Unit (BU) IS teams, to provide supports and coordination to on-going and upcoming audits/regulatory assessments supported or to be supported by the team; • For Group level cybersecurity/information security related audits, represents GIS and supports multiple aspects of in-scope matters including planning, fieldwork, discussion/validation of findings and etc. • For local BU cybersecurity/information security related audits, represents GIS to support and provide guidance to local BU IS team for GIS managed processes. • To ensure that all GIS information submitted to auditors or regulators are verified and are factually accurate • Working with responsible GIS functional teams, takes responsibilities to ensure that all draft audit or regulatory findings on GIS processes are appropriately validated for factual accuracy before confirmation • Working with responsible GIS functional teams, takes responsibilities to ensure action plans defined addresses root causes of findings with the aim of avoiding a repeated finding Show less

Consumer of Shuang Hor Products

• Jul 2007 - Present

http://www.shuanghor.com.my http://www.shuanghor.com.my

IT Security and Risk Management Manager

• Jan 2020 - Jul 2020

IT Risk and Security with Internal IT Audit, Disaster Recovery testing, PCI DSS and IT Policy and Procedures, ISO 27000, NIST framework assessment IT Risk and Security with Internal IT Audit, Disaster Recovery testing, PCI DSS and IT Policy and Procedures, ISO 27000, NIST framework assessment

Senior Executive IT Risk & Security

• Feb 2015 - Dec 2019

IT Risk and Security with Internal IT Audit, Risk Management, Business Process Improvements initiative, Disaster Recovery testing, PCI DSS and IT Policy and Procedures, ISO 27000 IT Risk and Security with Internal IT Audit, Risk Management, Business Process Improvements initiative, Disaster Recovery testing, PCI DSS and IT Policy and Procedures, ISO 27000

Business Process Consultant/Analyst

• Jan 2014 - Jan 2015

The aim is to be effective and efficient in all deals. Lead effort towards business process improvement focusing on post sales cycle. Ensure completion of setting up IT Service Management service documentation for IT Outsourcing team. Technical document consist of Process Operation Manual & Engineer work instruction. On going effort to entertaining additional request to include Business User Guide documentations. Provide advisory service on ad-hoc basis to IT Operation team towards process compliance adhering to ISO 20000. Participate in corporate governance activity to influence a cost effective, productive and risk-mitigated business structure. Show less

IT Internal Auditor of Mesiniaga Alliances

• Sep 2013 - Jan 2014

Ensuring operational excellence through compliance of service delivery and governance international standards.Involved in planning operational excellence initiative by assessing documentation adequacy throughout Mesiniaga Alliances service delivery teams. Upon initial effort conducting stock take, special projects to fill operational gaps identified.Undertake documentation projects aiming towards effective roles and responsibility handover. This includes session on task awareness & training to respective team members.Backfill of Service Delivery in the event of SDM turnover. Fronting customer. and discuss service delivery matters. Show less

Service Delivery @ Transition Manager

• Nov 2012 - Sep 2013

Ensure Post Implementation services and delivery readiness to assist operation excellence and increase customer satisfaction towards meeting contractual obligation.

Internal IT System Administrator

• Jul 2012 - Dec 2012

Ensure delivery of IS Delivery daily operation from Service Desk requests, User Administration, IT Problem Management, Process Improvement, Interdepartment Communication, IS IT Projects, Asset Management, Conflict Resolution, etc.Involved in ITSM as IS Dept Problem Management Process Owner and working closely with the ISO Management Representative to achieve the quality outputs.Ensure the execution of other quality processes within the department to achieve ISO 20000 certification for Mesiniaga Alliances Sdn Bhd as an IT Outsourcing company.Produced monthly service report for Delivery IS Team to measure team output and planned services.Baseline other administrative process and procedures that is continued to be used within the IS Team. Show less

Internal IT System Administrator

• Jun 2011 - Jul 2012

In charge of User Administration, Internal IT services, Helpdesk Administrator, Problem Management Process Owner and Internal Process improvements. Organize asset management of internal IT for interdepartmental usage of notebook, servers, printers, etc. Involved in internal IT software audit conducted company - wide. Capture and document user administration processes and identified gaps in the BAU and coming up with recommendations to reduce error, maintain quality, and increase team productivity. Work with internal IT team members to achieve overall department customer satisfaction and increase the good experience serving internal customer. Show less

Software Engineer

• Jul 2007 - Jun 2010

Trained in Java (Struts Framework) Developed Lotus Notes client application ITIL v3 certified. Developing and maintaining in house lotus notes applications with compliance to standard application development. Conduct root cause analysis to application problems occurring in production applications. Involved in change request management of applications and document implementation in standard repository. Trained in Java (Struts Framework) Developed Lotus Notes client application ITIL v3 certified. Developing and maintaining in house lotus notes applications with compliance to standard application development. Conduct root cause analysis to application problems occurring in production applications. Involved in change request management of applications and document implementation in standard repository.

Technical Trainee

• Jul 2006 - Nov 2006

Generate firewall report on monthly basis using tool by NAS Generate firewall report on monthly basis using tool by NAS