Perform security assessment according the established security standards on IT projects.
Co-ordinate and support audit response and reporting
Conduct Security BCP planning
Co-ordinate and support various type of security tests such as static or dynamic code analysis, penetration testing and red-team exercises ... etc.
Produce security compliance reports and dashboards.
Follow up on non-compliance issue of security management, and work with the owners on treatments.
At least 5 years of working experiences in information security, IT audit, or technology risk management.
Possess excellent knowledge of security compliance requirements and the corresponding processes, such as vulnerability and patch management, security hardening, security acceptance tests etc.
Familiar with information security standards and best practices.
Familiar with regulatory requirements on information security for financial institutions.
Solid experience in Windows and Linux system administration.
Solid experience in Security products and tools, such as network perimeter controls, endpoint security controls, SIEM etc.
Possess good data analytics skills to compile effective metrics and reporting.
Solid experience in stakeholder management
Good problem-solving and strong self-motivation to achieve deliverables
Experience in developing information security policy, standard, and procedure
Security certificates such as CISSP, CISM, CISA etc.