IT Security Manager
Mức lương: Thỏa thuận
Đã hết hạn nộp hồ sơ - 349 lượt xem
Ngày cập nhật: 08/05/2019
Thông Tin Tuyển Dụng
Mô tả công việc
** Position Objective: This statement should be a general summary of the responsibilities listed in the next section.
Our IT Security Manager (ITSM) will act as an interface between the IT security related risk management activities and the work of the technology-focused analysts, engineers, architects, administrators, and developers in the MIS team. The ITSM coordinates the IT organization's technical activities to implement and manage security controls and to provide regular reports to management.
The ITSM will be responsible for working with business and MIS stakeholders to balance real-world security related risks with business drivers such as speed, agility, flexibility and performance.
The ITSM will provide guidance to MIS personnel responsible for managing security in IT development and operations (networking, servers or database).
** Roles and Responsibilities Describe specific key functions of the position or the essential areas of responsibilities, listing the most important first.
Begin each statement with an action verb Describe what, how, and why role/responsibility is performed.
Indicate average percentage of time each responsibility takes.
- Governance Support
• Monitor and report on compliance with Group IT security policies/processes/standards and regulatory compliance, as well as, the enforcement them in practice within the IT department.
• Perform IT security risk regular self-assessment and report to IT Risk management and Governance team.
• Provide leadership and coaching for IT security team members
Architecture/Engineering Support
• Work with the MIS architecture team to ensure that there is a convergence of business, technical and security requirements.
• Work with Project and Development team on projects to ensure Group wide security requirements implemented based on risk management approach. Manage security projects and provide expert guidance on security matters for other IT projects.
• Consult with MIS (IT) teams to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
• Recommend and coordinate the implementation of technical controls to support and enforce defined security policies/processes/standards and regulations.
• Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.
• Maintain a knowledgebase including a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations via regular research.
- Security Operation
• Assist Business and MIS staff in understanding and responding to security risk via awareness trainings.
• Work with various stakeholders to manage information security risk related to data and systems.
• Measure and report on the technical aspects of security management.
• Manage outsourced vendors that provide information security functions for compliance with AIA security policies/processes/standards.
• Manage and coordinate operational components of security incident management, including detection, response and reporting.
• Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
• Assist the disaster recovery team in the selection of recovery strategies and the development, testing and maintenance of disaster recovery plans.
• Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with AIA security policies/processes/standards and audit requirements.
• Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
** Financial and Non-Financial Measures:
• No critical information security risk is not identified and mitigated.
** Communication Requirements
• Internal (70%): supporting, implementing project plan, monitoring system service, delivery of training awareness to end user.
• External (30%): communicate with Group and Vendor for maintenance the security for systems.
Our IT Security Manager (ITSM) will act as an interface between the IT security related risk management activities and the work of the technology-focused analysts, engineers, architects, administrators, and developers in the MIS team. The ITSM coordinates the IT organization's technical activities to implement and manage security controls and to provide regular reports to management.
The ITSM will be responsible for working with business and MIS stakeholders to balance real-world security related risks with business drivers such as speed, agility, flexibility and performance.
The ITSM will provide guidance to MIS personnel responsible for managing security in IT development and operations (networking, servers or database).
** Roles and Responsibilities Describe specific key functions of the position or the essential areas of responsibilities, listing the most important first.
Begin each statement with an action verb Describe what, how, and why role/responsibility is performed.
Indicate average percentage of time each responsibility takes.
- Governance Support
• Monitor and report on compliance with Group IT security policies/processes/standards and regulatory compliance, as well as, the enforcement them in practice within the IT department.
• Perform IT security risk regular self-assessment and report to IT Risk management and Governance team.
• Provide leadership and coaching for IT security team members
Architecture/Engineering Support
• Work with the MIS architecture team to ensure that there is a convergence of business, technical and security requirements.
• Work with Project and Development team on projects to ensure Group wide security requirements implemented based on risk management approach. Manage security projects and provide expert guidance on security matters for other IT projects.
• Consult with MIS (IT) teams to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
• Recommend and coordinate the implementation of technical controls to support and enforce defined security policies/processes/standards and regulations.
• Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.
• Maintain a knowledgebase including a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations via regular research.
- Security Operation
• Assist Business and MIS staff in understanding and responding to security risk via awareness trainings.
• Work with various stakeholders to manage information security risk related to data and systems.
• Measure and report on the technical aspects of security management.
• Manage outsourced vendors that provide information security functions for compliance with AIA security policies/processes/standards.
• Manage and coordinate operational components of security incident management, including detection, response and reporting.
• Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
• Assist the disaster recovery team in the selection of recovery strategies and the development, testing and maintenance of disaster recovery plans.
• Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with AIA security policies/processes/standards and audit requirements.
• Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
** Financial and Non-Financial Measures:
• No critical information security risk is not identified and mitigated.
** Communication Requirements
• Internal (70%): supporting, implementing project plan, monitoring system service, delivery of training awareness to end user.
• External (30%): communicate with Group and Vendor for maintenance the security for systems.
Yêu cầu ứng viên
** Minimum Job Requirements:
• Education : B.A Degree or higher in Information Technology related field.
• Experience
- At least 3-5 years of experience in IT Security analyst or operation role.
- At least 2 years experienced as a IT Security team leader.
• Certifications/licenses
- OSCP/SANS (Preferred)
- CISSP/CEH
• Special skills
- Good communication skill with ability of making impact to effectively work and negotiate with internal users.
- Inspire team members with good team work skill and integrity.
- Work under high pressure, goal oriented, and inspired to perform without outside help.
** Reporting Structure and Supervisory / Managerial Responsibilities:
Attach organization structure, if available
This position is one of two direct reports to Head of Fraud Investigation
• This position is direct reports to Technology Risk Director.
• Education : B.A Degree or higher in Information Technology related field.
• Experience
- At least 3-5 years of experience in IT Security analyst or operation role.
- At least 2 years experienced as a IT Security team leader.
• Certifications/licenses
- OSCP/SANS (Preferred)
- CISSP/CEH
• Special skills
- Good communication skill with ability of making impact to effectively work and negotiate with internal users.
- Inspire team members with good team work skill and integrity.
- Work under high pressure, goal oriented, and inspired to perform without outside help.
** Reporting Structure and Supervisory / Managerial Responsibilities:
Attach organization structure, if available
This position is one of two direct reports to Head of Fraud Investigation
• This position is direct reports to Technology Risk Director.
Quyền lợi được hưởng
- Salary will be commensurate with qualifications and experience
- Social insurance, health insurance, unemployment insurance according to Labor Laws
- Good chance to study and develop career path stably
- Social insurance, health insurance, unemployment insurance according to Labor Laws
- Good chance to study and develop career path stably
Cách thức ứng tuyển
Hồ sơ theo yêu cầu của nhà tuyển dụng khi liên hệ trực tiếp
Giới thiệu về công ty
AIA CAREERS
14/F , Saigon Center Tower 2, 67 Le Loi Street, District 1, Ho Chi Minh City, Vietnam.
14/F , Saigon Center Tower 2, 67 Le Loi Street, District 1, Ho Chi Minh City, Vietnam.
About AIA Vietnam AIA Vietnam is a member of the AIA Group, the largest independent publicly listed pan - Asian life insurance group. Established in February 2000, AIA Vietnam has successfully built a solid foundation for sustainable development with focus in training our talent resources of almost 1000 employees and ...Chi tiết
About AIA Vietnam AIA Vietnam is a member of the AIA Group, the largest independent publicly listed pan - Asian life insurance group. Established in February 2000, AIA Vietnam has successfully built a solid foundation for sustainable development with focus in training our talent resources of almost 1000 employees and over 20,000 agents working at 170 offices in more than 50 provinces in Vietnam. Today, 18 years after its inception, AIA Vietnam has grown to be a trusted brand in Vietnam. AIA Vietnam serves the holders of over 850,000 policies across the country. For our outstanding achievements in the development of life insurance industry in Vietnam, we have received multiple trusted awards, including: • Golden Dragon Award • Certificate of Merit by the Prime Minister • Trusted Products, Perfect Service award by Consumer choice • Vietnam Best-known Brand • TOP 100 Best Places to work in Vietnam • “Trusted Brand 2015” award • Certified "Great Place to Work®" period June.18 – May.19 Company Details: Website: https://careers.aia.com/search/?q=&locationsearch=VN&utm_source=AIA.COM&startrow=1 Ẩn chi tiết
Bạn đang xem tin việc làm IT Security Manager trong ngành được tuyển dụng tại bởi AIA CAREERS. AIA CAREERS đang cần tuyển 0 người nhân sự với hình thức làm việc: Toàn thời gian cố định. Yêu cầu kinh nghiệm Không yêu cầu. Website tìm việc làm timviec24h.vn cập nhật tin IT Security Manager cách đây lúc 12/07/2019 00:00:00. Người tìm việc lưu ý không nên đặt tiền cọc khi xin việc . Chúng tôi luôn cố gắng đưa tin tức tuyển dụng nhanh và chính xác nhất cho bạn.
Tìm thêm việc làm
AIA CAREERS
Địa chỉ: 14/F , Saigon Center Tower 2, 67 Le Loi Street, District 1, Ho Chi Minh City, Vietnam.
Quy mô: 500-999 nhân viên
Việc làm tương tự
IT Security Manager
Mức lương: Thỏa thuận | Hạn nộp hồ sơ: Đã hết hạn nộp hồ sơ