-Defining the user role access matrix and review user role based access control based on IT assist profiles and system risk for compliance report.
-Conducting review of user status, activity logs or audit trail and monthly for compliance report, based on the nature of IT system.
-Improving the IT service of user request for creating user account on the system.
-Periodically reviewing report for the active user, in-active user, staff resign/movement, staff on leave, officer in-charge (OiC), new staff join, terminated staff, and user request.
-Developing the policies/procedures /standards/guideline of user access management to align with the real practical in WBC’s system.
-Defining dual control password for super ID account of the WBC system.
-Periodically reviewing the password policy of the WBC systems in order to align with the approved policies.
-Explore or research on the international certification standard, regulatory, certification best practices in order to implement the information security Policies/Manuals/Guidelines.
-Maintain the policy documents for alignment with the regulatory, currently practical and audit purposes.  Assist the IT Group for improving the IT Services for better supporting and processing.
-Present the overview structure, role and responsibilities of the IT Security & Compliance to new joined teammates for their fundamental understanding.
-Guide new teammate and/or backup person of the team be able to perform the assigned tasks.
-Prepare the details work manual which under his/her responsible tasks as roadmap for guiding new teammate or backup person easy to understand.
-Guide and assist the responsible team to deal with internal and external auditors, Woori Bank HQ, and regulatory body for supporting any requirement documents.
-Collaborate with the responsible person and WBC compliance, internal auditing, risk management and work with various technical teams in the design and implementation of audit, & regulatory compliance practices.
-Develop the team’s expertise and professionalism.
-Build self-capacity through on-going learning and development.
-Ensure on time implementation of PDM performance development, coaching and annual appraisal.
-Build and maintain relationship with staff, supervisors and other stakeholders.
-Perform other tasks as assigned by supervisor.

-Relevant IT qualification to Computer Science or Information Technology.
-At least 4 years of information security experiences or IT audit.
-Proven experience of developing, submitting IT audit, and compliance report to governing bodies, legal and/or external authorities.
-Experience with common information security management frameworks, such as International Standards Organization (ISO) 27001, the IT Infrastructure Library (ITIL) and Control Objectives for Information and --Related Technology (COBIT) frameworks.
-Proven experience in the implementation and monitoring of service performance KPIs, performance metrics, service standards and agreements.
-Experience of implementing and managing PCI-DSS compliance.
-Demonstrate experience of designing, developing and implementing information security policies within an overall Information Management strategy.