ICT Assurance and Compliance Officer
Posted:03/01/2019 -Closing Date:01/02/2019
ICT Assurance and Compliance Officer is responsible on establishes, manages and administers Bank's ICT security policy and procedures to ensure preventive and recovery strategies are in place, and minimize the risk of internal and external security threats.
- Head Office, Phnom Penh. (1 post)
Duties and Responsibilities
- Ensure compliance with appropriate IT Policies;
- Assist in the evaluation of the effectiveness of the security control on various components including network, server, virtualization technology, application development, change management, information classification, risk management, business continuity, and incident response;
- Monitoring and document Physical Security Access.
- Periodic user access review for critical applications;
- Create reports and presentations regarding IT security compliance;
- Maintains quality service by establishing and enforcing organization standards (Change/patch/Incident/request management etc.);
- Assist on the tracking of audit findings and respective compliance as committed by various units in IT;
- Assist in the annual testing and review to assess risks on the network and infrastructure and recommend necessary changes to ensure security and business continuity;
- Follow-up the reporting of security incidents and assist in the investigation of such to achieve proper solutions;
Able to go beyond the scopes;
- Provide Information Security Awareness Training to staff.
Skills and Qualification Required
- Bachelor degree of IT, Computer Science or other related field;
- Extensive experience in IT Security and banking, with focus on IT assurance and IT process, risk management;
- Good technical backgroup with Window, Linux, Network and web/program.
- Good understanding of Technology Risk and Information Security policies and standards;
- Developed knowledge in Regulatory Compliance obligations;
- Strong analytical and problem solving skills to develop acceptable solutions for the business;
- Knowledge of ITIL, COBIT, PCI DSS and other security frameworks;
- Skills in security assessment and Penetration test;
- Knowledge of IT Security auditing processes;
- Good verbal and written English skills to present to senior management;
- Ability to drive and manage own workload and operate within defined deadlines.
How to apply
Interested and qualified applicants should submit only your updated covering letter and CV stating the position you apply for with current photo (4x6) via application below.