Job vacancy Assistant Manager, IT Security & Governance

Responsibilities

• Help to implement group wide solution to address information security issues with focus on identification of common patterns and issues
• Maintain and review technology policies, standards, processes and remediation management to continuously improve information security governance
• Execution of self-assessment program to ensure technology is in compliance with the established information security policies, standards and processes
• Support the implementation of new generation information security architecture
• Manage daily incident management to ensure timeliness of resolution in place
• Ensure significant business initiatives are reviewed and aligned with the information security policies, standards and processes
• Regulatory interface on information security related aspects
• Interface with auditors to ensure all audit and compliance findings are adequately remediated across the business unit
• Provide value added services and become a business partner and growth enabler to the business by providing advisory and support to business leaders
• Ensure information security principles have the right balance of data protection and ease of doing business
• Help build and nurture a local business unit information security team
• Participate in the group technology risk forum to ensure business unit perspective is adequately factored in while building group information security strategy
• Staff training through exercises such as phishing and also development of country specific training content in addition to the existing group wide information security content
• Monitor end user devices, tablets, computers, servers and networks for security issues
• Fix all detected vulnerabilities and compliance to maintain a high-security standard as per corporate guideline
• Investigate and fix all detected security breaches and other cyber security incidents
• Develop, maintain, implement and enforce unique and effective security strategies for application systems, networks, data centers, and hardware
• Develop, maintain, implement and enforce technical security architecture according enterprise architecture requirment
• Guide, review and evaluate vendors and partners in the security area
• To support and to troubleshoot issues and ensure daily incidences are resolved within the agreed standard
• To raise and escalate all incidences and issues timely for resolution
• Work closely with any of the team member and to back up each other at any time to ensure no daily activities and tasks are being carried out without any delay
• Be a team player to share knowledge and help develop staff competencies

Required Qualifications And Skills

• Bachelor degree in Information Technology, Engineering or related field preferred
• 5-6 years of experience in information security or related field
• Experience with computer network penetration testing and techniques
• Understanding of firewalls, proxies, SIEM, antivirus, EDR and IDS/IPS concepts
• Ability to identify and mitigate network vulnerabilities and explain how to avoid them
• Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact
• Experience in project management is a plus
• Have relevant experience working in infrastructure and IT help desk both from the local and or foreign(preferred) company
• Good knowledge of EUS support guideline and processes
• Articulate and proficient in written and spoken English
• Individuals keep abreast of current security threats and stay current with security technology evolution