Tóm lược
Mô tả công việc
Tóm tắt công việc
- To review and improve best practice IT Security across the technology state.
- To identify, recommend and deploy technical security enhancements in line with the agree risk policy.
- To work on a range of information security, data protection and risk management related activities, including policy compliance, vulnerability management, identity and access management, secure coding practices, rights management, data loss prevention, event monitoring and reporting, risk assessments, and incident response.
- To ensure that policies, controls, and solutions are continually monitored and improved in response to new threats and business opportunities.
- To provide guidance and support and making sure business units meet local and group requirements under IT Security and Governance, Quality Assurance, Security/Compliance
- Ensuring IT systems and applications within our organization meet the needs of the business while adhering to security best-practices, compliance and regulatory requirements.
- To work as part of an ongoing programme to improve the Information Security management and technical controls.
Key Responsibilities
- Assess controls for information in every form / all formats (e.g. electronic and physical).
- Recommend fixes for detected vulnerabilities to maintain a high-security standard.
- Coordinate to perform or oversee vulnerability and penetration testing.
- Investigate security breaches and other cyber security incidents.
- Research security enhancements and make recommendations to management.
- Stay up-to-date on information technology trends and security standards.
- Monitor the security effectiveness across the portfolio.
- Assess the current state of information security and help to drive the organization toward higher levels of maturity and efficiency.
- Assist to develop and monitor reliable metrics for information security activities to identify trends and develop action plans to drive continuous improvements.
- Help team members understand the value of information security management.
- Assess information infrastructure security.
- Assist, when requested, in establishing information security requirements for all new features and services while assessing and driving security enhancements across existing solutions.
- To identify and eliminate manual processes using automation for areas involving information security.
Why You'll Love Working Here
- 13th month salary
- Year-end bonus based on performance rating
- Professional working environment
- Private insurance (Generali) for staff (included spouse and children)
- 15-18 Annual leave per year
Yêu cầu công việc
Your Skills and Experience
Qualifications (Basic Degree/Diploma etc):
- University degree in fields of Computer Science; Information System Engineer, Management Information System or equivalent.
Professional Qualification and/or Regulatory, Licensing requirements:
- CEH, Security+, GSEC, CISA or equivalent is an advantage
- Recognised certifications for industry accpeted IT governance standards such as ITIL, COBIT,TOGAF is an advantage.
Relevant Work Experience
- Minimum 5 years working in IT fields with at least 3 year from Information Security.
Competencies/Skills (Essential to succeed in this job)
Technical/Functional skills
- Experience with infrastructure vulnerability and penetration testing and techniques.
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management for servers and end units with knowledge of how patches are deployed and understanding the business impact
- Experience with malware analysis at a basic level.
- Demonstrable experience with endpoint protection software and configurations
- Security Configuration of Windows, Linux, DBMS (MS SQL/MySQL).
- Good technical understanding of enterprise IT; web applications, databases, operating systems, server/desktop hardware, mobile devices and networking technologies.
- Good knowledge of information security controls, guidelines and standards, ISO, NIST, OWASP
- Familiar with regulatory guidelines such as SBV’s Circular 18, Circular 35.
Personal skills (Soft Competencies [Core/Leadership])
- Ability to multitask, proactive, build relationships and interact/network effectively with internal and external parties.
- Problem solving skills
- Flexible and team work
Ngôn ngữ
-
English
Nói: Intermediate - Đọc: Intermediate - Viết: Intermediate
Yêu cầu kỹ thuật
- Linux
- MySQL
- Information Security
- Windows
- Networking
- Anti-Virus
- DBMS
- MS SQL
- Firewall
- Penetration testing
- CEH
- ITIL
- SIEM
- TOGAF
- ISO
- CISA
- OWASP
NĂNG LỰC
- Analytic Skills
- Proactive
- Problem Solving Skills
- Teamwork
- Flexible
Thông tin doanh nghiệp
CIMB Bank Vietnam, part of CIMB Group, one of ASEAN’s leading banking groups.
With a retail network of approximately 1,000 branches across the region, and a staff force of 40,000 employees across 17 countries. Offering a wide range of products and services from Consumer Banking, Wholesale Banking, Investment Banking, Islamic Banking to Asset Management.