举报成功

Job Summary

• Responsible for protecting information system assets by identifying and solving potential and actual security problems.

Key Responsibilities

• Develop and maintain the Information Security Management System (ISMS).
• Protects the system by defining access privileges, control structures, and resources
• Define who has access to what data and ensure the principle of “least privilege” is enforced.
• Conduct regular risk assessments to identify vulnerabilities in the system and propose mitigation strategies.
• Recognizes the problems by identifying abnormalities, reporting violations.
• Implements security improvements by assessing current situations, evaluating trends, anticipating requirements.
• Determines security violations and inefficiencies by conducting periodic audits.
• Upgrades the system by implementing and maintaining security controls.
• Keeps users informed by preparing performance reports, communicating system status.
• Maintains quality service by following organization standards.
• Coordinate and work with business process owners and executives across different departments to ensure that information security requirements support business needs and security systems and processes are working as intended.
• Formulates, and evolves the information security plan and documentation for security compliance.
• Assist in ensuring regulatory compliance and adherence to information security-related laws, rules and regulations (e.g., GDPR, HIPAA, PCI-DSS, or ISO 27001).
• Implementation and maintenance of an information security incident response plan ensure that security controls and processes are embedded throughout the lifecycle of information, systems, applications, products and services.
• Conduct security awareness and training programs catered to different sets of stakeholders.

• Bachelor’s degree in a computer-related field (Infosec Specialisation a bonus)
• 5+ years of experience in IT, with at least 2-3 years specifically focused on security administration and auditing
• Network/System Administration Experience
• Deep understanding of firewalls, SIEM (Security Information and Event Management) tools, encryption protocols, and cloud security
• Ability to spot patterns in logs that suggest a breach
• Information Security Policy Implementation experience
• Knowledge of banking and payment industry and transaction based systems