Job Profile/Description
- Ensure the awareness and training of information security policy, Dos & Don’ts to all personnel
- Ensure that all personnel follow the bank’s Standard Information Security Policy
- Aligning the IT department with this Information Security policy
- Carrying out all processes resulting from the implementation of the information security policy in conjunction with compliance with the policy
- Communicating all relevant information to concerned departments for processes and tasks concerning the information security policy breach
- Ensure no company confidential data is leaked outside of the company via any media (email, internet, social media etc.)
- Monitor all system access and system audit trial
- Monitor intrusion detection & intrusion prevention system, etc. logs to ensure legitimate access to systems/company data
- Update policy, guideline, standard, processes and procedures
- Assess vulnerability on Network and Application System and Database by apply the efficiency control to mitigate risk
- Ensure privilege IDs and Passwords are kept in safe and secure, periodically changed password and has dual control
- Participate in IT risk assessment identification, explore, and implement mitigations
- Others duties assigned by supervisor
Job Requirements
- Bachelor Degree in Information Technology or Computer science;
- At least 2 years of information security experiences.
- Experience with Network Infrastructure Security and application development security project
- Involvements and or prior experience in IT Infrastructure support, design and management as well as strong knowledge and experience Routing and Switching, Firewalls configuration and associated network protocols and concepts;
- Knowledge and implementation of IDS/IPS and Syslog;
- Knowledge in implementation and operation of monitoring tools: Cacti, Nagios, Solar Wind;
- Knowledge and experience in administration of Windows Server and Linux Operating Systems;
- Knowledge & understanding on some certification practices such as Cisco CCNA, CCNA security, or CCNP security
- Knowledge of current Information Security Management System (ISMS) (including ISO 27001 series, NIST and/or other cyber security framework)
- Demonstrate experience of designing, developing and implementing information security policies within an overall Information Management strategy
- Knowledge of information security principles, including risk assessment, threat and vulnerability management, incident response and access management