JOB DESCRIPTION

·      Provide the excellent supports on overall aspects of Information Security, IT Governance, IT Risk, and IT Compliance

·      Perform IT risk assessment and produce actionable plan to secure bank’s application, data and networks.

·      Monitoring privilege account usage to ensure compliance with security policies

·      Assess and develop up to date with IT security policy, standards and threats

·      Collaborate with management and the related IT department to improve security posture

·      Document any security breaches and assessing their damage

·      Coordinate and update information security incident response document, ensuring processes and procedures are tested regularly in line with IT continuity, business continuity planning (BCP) and disaster recovery (DR) policy

·      Promote cyber security awareness posture at all levels of management and employees, by maintaining and developing a positive culture of compliance against IT security policy, industry standards and regulations

·      Identify and address a full range of issues from structure and policy, through to assisting in specific areas such as data privacy; data leakage prevention / monitoring; information rights management; third party security and cryptography

·      Perform day to day IT security operation required by head of departments and management

·      Minimize all risks including operational, information and cyber security risk

JOB REQUIREMENT

·      Having 3 years of experiences within IT security related domain and working in financial / telecom / auditing industry

·      Bachelor's Degree in Information Technology, Computer Science, and Software Engineering or a related qualification, and/or demonstrated capability through past employment experience

·      Holding any IT security related certification (ISO27001 LI, CEH, CCNA / CCNP Security) or from equivalent recognized organizational body is a plus

·      Proven experience of implementing an information security management system (ISMS)

·      Experience in undertaking internal and third party audits covering IT governance and information security controls

·      Solid understanding of IT and experience in developing IT governance, controls and best practices

·      Proven ability to write easy to understand reports and deliver presentations on information risk management, systems process control and IT general control review reports

·      Proven ability to work and communicate effectively and fluently with managers and staff, including the ability to explain complex technical issues in terms that non-technical managers and staff will understand

·      Have a strong understanding of advanced threat detections, continuous vulnerability assessment, response and mitigation strategies used in Cyber Security operations

An understanding of a business continuity role and/or policies processes and plans