IT Security Specialist (Compliance & Risk Management)
Detail posisi
Kewajiban
• Manage and support the IT Security and Information Security (IS) operational processes, such as the compliancy assessment, user awareness training, information security and data security operations.
• Support and ensure compliance with the processes of IS such as IS Governance (e.g. IT Risk Oversight, IT Audit, IT Risk management), Identity and Access Management, Data Protection, Threat and Vulnerability Management, Application Security, Infrastructure and Network Security, Endpoint Security Protection, Cloud Security, etc.
• Follow the Cyber Hygiene practice adopted from Regional Information Security team and Group Information Security team through Technical Vulnerability Management, Security Operations, Application Security Assessment, etc.
• Monitor and follow up IT security related issues, create the report and communicate to Technology risk committee and relevant committees.
• Manage projects that rollout information security technology and solutions to align with the Group information security technology roadmap.
• Work together with Regional information security teams and Group Information Security team to ensure alignment of local country security controls with regional and group policy/standard/guideline.
• Work closely with stakeholders from business, IT, 2nd line enterprise/operation risk, and group/external 3rd line auditor to ensure effective security controls in place.
Kualifikasi
• 5 years+ working experience in information security and/or IT Risk areas, preferably within financial institution, or from consulting firm.
• Knowledge and experience in multiple security domains and operations; including identity and access management, privilege ID access management, security risk management, data leakage prevention, cloud security, vulnerability management, security monitoring, security incidents respond.
• Preferable also with knowledge on technology risk management and understanding of regulatory requirements.