Specialist, IT Security

About The Job

The role is to manage the governance, planning and risk management functions and ensures appropriate policies and controls are in place for effective service delivery. This role is responsible for protecting Bank’s computers, systems, networks, and data against cyber-attacks and security breaches. She/he shall be responsible for establishing and maintaining the bank’s vision, strategy, and program to ensure information assets and technologies are adequately protected.

What You Will Do

• Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program

• Develop and enhance an information security management framework.

• Understand and interact with related parties to ensure the consistent application of policies and standards across all technology projects, systems and services.

• Provide leadership to the enterprise's information security organization.•Partner with business stakeholders across the company to raise security awareness.

• Security operations: Real-time analysis of immediate threats, and triage when something goes wrong.

• Cyber risk and cyber intelligence: Keeping abreast of developing security threats, and helping the board understand potential security problems that might arise from acquisitions or other big business moves.

• Data loss and fraud prevention•Rolling out security hardware and software and making sure IT and network infrastructure is designed with best security practices in mind.

• Identity and access management: Ensuring that only authorized people have access to restricted data and systems.

• Investigations and forensics: Determining what went wrong in a breach,dealing with those responsible if they are internal, and planning to avoid repeats of the same crisis.

• Develop the necessary policies and procedures to ensure the smooth and efficient functioning of the IT department.

• Ensure and Monitor effective implementations of the policies and procedures.•Ensure necessary awareness for the IT policies and procedures.

• Coordinate/Work effectively in the Internal Audit program with the Auditors.

• Communicate the governance activities, policies and decisions with the IT Management and Business Leadership and keep them informed of IT governance decisions that will affect IT services and projects.

• Release Management: In conjunction with application and infrastructure teams, track configuration items and maintain technical documentation control.
• Change Requests: Ensuring that change requests are correctly administered,documented, maintained and coordinated in a timely fashion

• Change Management calendar: Establish and maintain a Change calendar,keeping Production informed of the forward schedule of work and managing the release of changes to the Production environment.•Asset Database: Develop a CMDB and ensure that it is kept up to date by him/herself and by Application and Infrastructure teams
• Incident reporting: Maintain up to date and accurate records of incident and problem resolution activities.

What You Should Have

• Bachelor’s Degree in Information Technology, Computer Science, or other related equivalence 
• Experience in Bank industry at least 2+ years•Experience 3+ as a person responsible for information security Knowledge
• Experience with information security framework e.g., ISO20000 and ISO27001
• Knowledge of security and governance frameworksSkills and Abilities
• Demonstrate strong strategic thinking, analytical and leadership skills.
• Strong problem-solving skills, with ability to influence others.
• Demonstrable strategic thinking, analytical and problem-solving skills and detail oriented
• Relevant certification e.g., CISO, NIST, and COBIT

•Leadership skills, conflict resolution, and well organizing the tasks.
 

More information

• Recruiter : Ms. Sinav VEN Tel: 066 899 922/ 098 555 462 

• Address : Prektanu Village, Sangkat Chak Angreleu, Khan Meanchey, Phnom Penh, (Corner Str.271 & Str.371).

• Website: http://www.chipmong.com