Partner/Advisory, Ernst & Young Advisory Services
Professional Certifications and Affiliations
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- ISO27001 Lead Auditor
- Former President, ISACA Malaysia Chapter
- Former Member, ISACA International Governmental and Regulatory Agencies Working Group
- Founding Member, Information Security Professional Association of Malaysia
Background and Experience
Jason is a Partner at Ernst & Young Advisory Services SdnBhd and focusing on Cybersecurity, Risk and Business Continuity. He has over 19 years of experience serving clients in various industries including financial services, oil & gas, energy, telecommunications, manufacturing, healthcare and the public sector.
Prior to joining EY, Jason was the Industry Advisor in the National CyberSecurity Agency under MOSTI. Jason has also held roles including as Country General Manager at a leading regional Managed Security Service Provider, National Security Leader at the Malaysian subsidiary of a global software company.
Jason is a regular speaker in Information Security, Audit and Controls and has spoken at various events regional and global events including IIA International Conference, San Diego Secure eCity Conference, Singapore Technology Audit and Controls Conference, ISACA/MNCC National Conference, Hacker Halted, Bursa Malaysia Industry Education and others. Jason has also been featured on radio providing Security Tips on Radio Light and Easy’s Word on Technology.
Engagements that Jason has been involved in include:
- Regional Cybersecurity improvement roadmap development for the Asia Pacific operations of a global multinational company
- Cybersecurity transformation project including cybersecurity maturity assessment, development of cybersecurity improvement roadmap and implementation of the cybersecurity roadmap for an Oil & Gas company
- Cybersecurity assessments and penetration testing for an energy company including power plant and office networks
- Security assessment and penetration testing for core banking system rollout of a regional bank
- Independent security incident investigation for an investment bank
- Independent security assessment and penetration testing for a stock exchange