Job Description

• Provide the excellent supports on overall aspects of Information Security, IT Governance, IT Risk, IT Audit and IT Compliance
• Provide the consultative information security governance, risk, and compliance advisory services for IT systems and services, balancing appropriate security, business goals, and enterprise priorities to achieve collaborative outcomes to challenging business problems/objectives in a secure way
• Ensure in monitoring and implementing effective process and system controls to protect bank and customer data in alignment with bank policy and regulatory requirements
• Ensure in supporting increased knowledge and awareness of Information Security & Technology Risk with key stakeholders and staffs
• Ensure in preparing and managing the budget required by applicable controls for information security and technology risk
• Develop a strategy for the deployment of information security technologies
• Manage the proper periodic review for System ID Access, Data Centre, IT Store Room, Standalone PC Controls, Encrypted USB, USB Exemption and QA (Quality Assurance) tests for other IT controls
• Identify new threat in the market and evaluate the threat with related SMEs (Subject-Matter Expert) included IT Team, Vendors and relevant departments to define the severity and impact, follow up with communication and dashboard to track the remediation progress as required
• Manage end-to-end for the investigation of information security violations and breaches
• Provide the strong supports for key IT projects driven by Security, Risk, Audit and Compliance
• Facing into internal audit and external regulatory engagements to support positive outcomes, and drive execution of associated treatment plans
• Ensure in reviewing and keeping up-to-date IT Policies, IT Processes and IT Procedures
• Other relevant tasks assigned by line manager

Job Requirement

• Bachelor's Degree in Computer Science/Information Technology or equivalent
• Master’s Degree in Business Administration (MBA) will be an added advantage
• Certified or Completed the formal training in CISSP, CISA, CISM, ITIL, COBIT, PCI DSS, EC-Council (CND/CEH), Cisco Security or Microsoft (MTA/MCSA) will be an added advantage
• At least 6 to 8 years of IT employment experience (preferred in private sectors: Bank, Insurance, MFI, ISP or IT System Integration)
• At least 3 to 4 years of management level’s experience in IT Department
• Passionate in Cyber Security, Quality Assurance, Regulatory & Compliance, and Governance of Enterprise IT
• Strong understanding of the key aspects of IT which includes Application implementation & support, IT Infrastructure, Vendor & Contract Management, Cyber Security, IT-related regulatory requirements, IT audit, IT governance, IT roadmap & Strategic planning, Risk management and Business continuity planning
• Strong understanding of Operational risk and Compliance Framework principles and practices
• In-depth knowledge of current & emerging regulatory requirements impacting Technology & Information Security
• Experience with some controls of information security such as Security Patch Management, System Vulnerability Identification, Network Security, Identity & Access Management, Security Awareness, Data Loss Prevention, Cryptography, Information Classification, Information Handling, and Information Security Incident Management
• Experience with IT Auditing by internal auditor, external auditor and NBC
• Experience with supporting and implementing on Core Banking, ATM Switching, Visa, Master, UPI, SWIFT, Credit Card System, Internet Banking, NBC Clearing House, NBC FAST Payment and NBC CSS (Cambodian Shared Switch) will be preferred
• Experience in IT Programming, Enterprise Application Development, Database Administration or Project Implementation will be an added advantage
• Experience in performing security monitoring and response capabilities on cloud platforms (Amazon Web Services, Microsoft Azure or Google Cloud Platform) will be an added advantage
• Preferred Technical knowledge of mainstream operating systems (Windows/Linux) and wide range of security technologies such as network security appliances and anti-malware solutions
• Ability to convey security concepts related cybersecurity events to both technical and non-technical audiences
• Ability to manage and analyse data with Microsoft Excel or Microsoft Access
• Strong working knowledge of malware in its varying forms, common delivery mechanisms, and common mitigation steps
• A self-initiated, motivated person, highly flexible, fast learner and a pro-active team player who can work with minimal supervision
• Ability to multi-task, prioritize, and manage time effectively
• Quality mindset with prevention attitude to attain zero defects
• Well-developed analytical skills and the ability to provide clarity to complex issues, and synthesize large amounts of information
• Ability to articulate and clearly communicate complex problems and solutions in a simple, logical and impactful manner
• Team management and leadership experience (direct & indirect)

Contact Person:  HR Officer

Facebook Page: https://www.facebook.com/outsourcingcambodia

Phone:                 023 5197 888 / 086 986 133 / 096 641 7309

Email:                   info@outsourcingkh.com