Senior Officer, IT Security & Compliance

Job Responsibilities

• Provide the excellent supports on overall aspects of Information Security, IT Governance, IT Risk, IT Audit and IT Compliance;
• Do management of Information, Governance and Security processes and procedures to support business policies and operations;
• Do leadership of information security operations to ensure efficient, effective, proactive and reactive security monitoring controls;
• Do leadership of information security incident response, ensuring processes and procedures are tested regularly in line with IT continuity, business continuity planning (BCP) and disaster recovery (DR) policy;
• Promote information governance and security at all levels of management and employees, maintaining and developing a positive culture of compliance against industry standards and regulations;
• Lead and coordinate security incident response efforts to prevent and contain any known security threats;
• Identify and address a full range of issues from structure and policy, through to assisting in specific areas such as data privacy; data leakage prevention / monitoring; information rights management; third party security and cryptography;
• Lead and coordinate security incident response efforts to prevent and contain any known security threats;
• Do day to day management of in place vulnerability assessment technology;
• Minimize all risks including operational, information and cyber security risk;

• Having 3 years of experiences within IT Security related domain or in financial / telecom / auditing industry.
• Bachelor's Degree in Information Technology, Computer Science, and Software Engineering or a related qualification, and/or demonstrated capability through past employment experience;
• Qualified and holding IT security related certification (ISO27001 LI, CEH, CCNA / CCNP Security) or from equivalent recognized organizational body is a plus.
• Proven experience of implementing an information security management system (ISMS);
• Experience in undertaking internal and third party audits covering IT governance and information security controls;
• Solid understanding of IT and experience in developing IT governance, controls and best practices;
• Proven ability to write easy to understand reports and deliver presentations on information risk management, systems process control and IT general control review reports;
• Proven ability to author and revise information security policies and procedures;
• Proven ability to work and communicate effectively and fluently with managers and staff, including the ability to explain complex technical issues in terms that non-technical managers and staff will understand;
• Have a strong understanding of advanced threat detections, continuous vulnerability assessment, response and mitigation strategies used in Cyber Security operations;
• An understanding of a business continuity role and/or policies processes and plans;