Establish a plan and execution of information security operations and projects that align with bank policy and strategy.
Develop and maintaining roadmaps for vulnerability management programs and co-op with related parties to close the gaps.
Work with internal stakeholders across the business to identify, assess, report, track, and remediate risks and support the development of risk mitigation strategies.
Own, maintain, and update information security document e.g., guideline, baseline, internal processes.
Take a part in groups or project to ensure proposed solution are in line with security.
Ensure all security operation in compliance in Bank policy or ISO27001 and implemented
Actively work closely with 2nd line department or business partner to identify and mitigate risk in an acceptable level.
Proactive maintain and report responsible team KPIs.
Provide risk base advice or support that align with IT and related department.
Qualification
Demonstrated experience in team and project management.
Familiar with security technology inclining project implementation.
Experience leading in vulnerability management and mitigation solution.
Strong understanding of de-facto Security frameworks, Standards e.g., ISO 27001, PCI-DSS, NIST, OWASP, etc.
Ability to think in holistic view (big picture).
Proven in depth knowledge of technical skills in information security.
Excellent in communication and presentation skill.
