I balance exceptional delivery for customers on what matters, engaging teams and colleagues, with the needs of the business. I am an expert and often the first layer of management of people or projects.
Responsibilities
- Understand and interpret requirements across relevant IT Risk frameworks, map overlapping Technology policies and standards.
- Conduct Technology Risk Management, Help secure workflows, products, and operations across the company (Thailand & Malaysia) by identifying risk areas, providing recommendations on security compliance and IT governance best practices and authoring respective policies and procedures around security, data governance, and risk.
- Design, configure, and operate core security technologies, including Antivirus / EDR, Data Loss Prevention (DLP), and Vulnerability Assessment (VA) scanning tools, ensuring effective coverage and risk-based configuration.
- Oversee and coordinate the Vulnerability and Penetration Management Program, including risk prioritization, remediation tracking, and recommendation of appropriate mitigation solutions.
- Build & coordinate security awareness & training program for Thailand & Malaysia.
- Coordinate with internal audit, external audit and IT team to provide the information as audit request and update the current status of audit next step to IT management.
- Coordinate with Risk management in performing activities related to IT security, IT risk and compliance.
- Drive continuous process/services improvement to all security functions utilizing KPIs, KRIs and metrics.
- Be the point of contact (for Malaysia) to ensure that Security requirements and control are met with Policies & Standards as well as Security Operation & Monitoring.
- Other related duties as assigned.
Requirements
- 5+ years working in IT filed with a focus on information security or IT audit.
- Knowledge of ISO27001, PCIDSS and IT security control
- Exceptional communication, problem solving and cross-group collaboration skills
- Good command of written and spoken English
- Ability to present ideas in business-friendly and user-friendly language
- Ability to prioritize, track and manage a large number of divergent tasks and action items
- Ability to influence in a team-oriented, collaborative environment
Operational Skills Relevant For This Job
- Strong ability to analyze user requirements, make recommendations and implement solution
- Strong oral and written communication skills
- Strong presentation and interpersonal skills
- Ability to prioritize and execute in high-pressured environment
- Understanding of information security principles and best practice (e.g., ISO27001, PCIDSS, OWASP and GDPR/PDPA)
- Ability to present security topics to a non- technical audience and presenting the business value of security
- Good interpersonal skills with the ability to build and influence teams; and self-motivated
Benefits
Health Insurance - At Lotus's, we care about your health! Group insurance from a top insurance company is included in your benefitsOPD, IPD, Emergency OPD
Provident Fund - Lotus's cares about your long-term plan! We offer 3% provident fund.
Year-end bonus - We include variable and performance bonus for our employees.
Attractive Vacations days - Enjoy our attractive annual leave. Let's say the minimum is 16 days!
No overtime - We work 5 days a week with. We set our own goals and deadlines.
Free car parking space - No more stress or extra cost if you drive to work. We offer free parking space for our employees.
Best Culture
- Clear focus.
- Diverse Workplace (Our members are from around the world!)
- Non-hierarchical and agile environment
- Growth opportunity and career path
