- Developing and maintaining IT security policy
- Defining security requirements for new or modified services
- Monitoring and handling of security incidents
- Generating IT Service Management reports and managing service levels according to agreed SLAs
- Managing suppliers
- Managing IT service continuity (BIA for all existing and new services, maintaining testing schedules, and ensuring continuity plans are up-to-date)
- Monitoring compliance with IT Security Policy and regulatory compliance requirements, as well as tracking remediation of non-compliance issues
- Change management (determining impact of change, Change Request review, and sign off to secure Production Systems - authorizing change requests)
- Evaluating the IT security of internal/external application development and various technical systems, and providing reports on controls (BRD)
- Coordinating Information Protection requirements from HD and RHQ
- Assessing security vulnerabilities and ensuring all vulnerabilities are remediated, covering security patches, security threats and cyber security
- Providing IT Security Awareness Training to staff
- Supporting regular Business Continuity Plan (BCP) tests
- User account management (registration/de-registration process, periodic user account review, maintaining user access matrix)
Qualifications and skills:
- A degree in Information Systems, Computer Science or equivalent field of study and professional experience.
- 10 - 15 years of relevant Information Technology infrastructure, ITIL and security working experience (experience in the insurance business would be an advantage).
- In-depth understanding of core security monitoring and response services - process, technology and governance - including attack detection, vulnerability management, security incident management and threat intelligence
- Solid security service governance and management skills, e.g. definition of policies, standards, procedures, and metrics to measure and report on service effectiveness and performance
- Good security incident response skills - ability to assess and verify security events, and to direct and execute containment actions
- Proven experience in delivering continuous service improvement and IT governance
- Experience in conducting risk assessment activities, security analysis and incident response review and reporting
- Risk management, ITIL implementation as well as service management knowledge
- ISO 27001 audit tasks
- Strong vendor management
- ITIL, CISA, CISM, PCI DSS and COBIT5 certification would be an advantage
- Excellent written and spoken English
For a confidential discussion please call 02-106-8600 and ask to speak to the Technology Team.
Your application will be treated in strict confidence.
en world Recruitment (Thailand) Co., Ltd.
Athenee Tower, 12th Floor, Unit 1201-1202
63 Wireless Road, Lumpini, Pathumwan, Bangkok 10330 Thailand
Tel: +66 (2) 106 8600 | Fax: +66 (0) 2654 0901