Design, implement, and maintain the organization's cyber security program, including cyber security framework & roadmap
Develop and updating security policies, standards and procedures with reference to best practices
Develop cyber security awareness program to help our employees understand their role in protecting the organization's assets
Proactively support cyber security initiatives for business units within our organization
Coordinate with IT team & stakeholders, including manage third party vendors
Manage cyber risks by implementing security controls to mitigate those risks
Manage security operation service, including incident response via ticketing system in line with Service Level Agreement (SLA)
Manage compliance requirements with relevant laws, regulations, contracts and industry standards
Monitor and evaluate the performance and effectiveness of cyber security program, and report on the status, risks, and incidents to management and other stakeholders.
Qualifications:
Minimum Bachelor degree in Computer Science, Information Security, or other related fields.
Minimum 3-5 years of experience in the information security field
Professional certifications, such as CISSP, CISM, CISA or relevant security certifications
Strong knowledge of cyber security frameworks, standards, and regulations, such as ISO, NIST, COBIT, ITIL, GDPR, and PCI-DSS
Expertise in cyber security technologies and best practices, such as SOC, XDR, network security, data protection, penetration testing, incident response, emerging cyber security threats and trends
Soft skills include: strong analytical and problem-solving skills, project management, communication skills with the ability to convey complex security topics to non-technical stakeholders, professional, integrity, ethical and customer-oriented attitude.
