ITCISO08 - Security Asessments & Review
We are looking for a qualified Security Assessments & Review for Information Security Organisation to implement and maintain our security systems. You will be responsible for checking & review the policy of preventing unauthorized access to our data and responding to privacy breaches.
Job Descriptions :
- Leading the team and ensuring that security risks and security threats have been identified, monitored and improved as per the methodology of risk assurance established by the bank
- Work closely with IT Risk Management team to ensure minimal technology risks prior to new solution/application go-live
- Subject matter expertise of banking technology standards & regulations (e.g., COSO, COBIT, UU - ITE, PBI, POJK)
- Deep understanding on Banking Technology, IT Security & Governance, IT Infrastructure (e.g., networking, server, operating system & database)
- Familiar with Secure System Development Life Cycle (SDLC) and Agile Methodology
- Full-stack knowledge of common security threats and vulnerabilities
- Possess good analytical, and problem-solving skills
- Have a good ability to develop technical documentation
- Very good communication and interpersonal skill
- Excellent English written/verbal
- Team work player with leadership capability
- Have Bachelor Degree from reputable University with education background from Computer Science / Information Technology, Science & Technology, Business Studies / Management or equivalent
- 3+years of relevant experience on Information Security in Financial / Banking Industry
- Expert knowledge of IT security technology (e.g., firewall, IPS, key management, antivirus, patch management, end point protection)
- Advance knowledge of organization, technology controls, security and risk issues.
- Ability to participate in complex, comprehensive or large projects and initiatives.
- Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.
- Information Security Certification / Accreditation, Preferable CISSP / CISM / CISA / CEH / EnCe
- Strong working knowledge of industry frameworks (e.g., ISO 27002, NIST Cyber Security Framework, OWASP)
- minimum S1 with relevant background