Assistant Manager, IT Security Compliance

• Defining the user role access matrix and review user role based access control based on IT assist profiles and system risk for compliance report.
• Conducting review of user status, activity logs or audit trail and monthly for compliance report, based on the nature of IT system.
• Improving the IT service of user request for creating user account on the system.
• Periodically reviewing report for the active user, in-active user, staff resign/movement, staff on leave, officer in-charge (OiC), new staff join, terminated staff, and user request.
• Developing the policies/procedures /standards/guideline of user access management to align with the real practical in WBC’s system.
• Defining dual control password for super ID account of the WBC system.
• Periodically reviewing the password policy of the WBC systems in order to align with the approved policies.
• Explore or research on the international certification standard, regulatory, certification best practices in order to implement the information security Policies/Manuals/Guidelines.
• Maintain the policy documents for alignment with the regulatory, currently practical and audit purposes.  Assist the IT Group for improving the IT Services for better supporting and processing.
• Present the overview structure, role and responsibilities of the IT Security & Compliance to new joined teammates for their fundamental understanding.
• Guide new teammate and/or backup person of the team be able to perform the assigned tasks.
• Prepare the details work manual which under his/her responsible tasks as roadmap for guiding new teammate or backup person easy to understand.
• Guide and assist the responsible team to deal with internal and external auditors, Woori Bank HQ, and regulatory body for supporting any requirement documents.
• Collaborate with the responsible person and WBC compliance, internal auditing, risk management and work with various technical teams in the design and implementation of audit, & regulatory compliance practices.
• Develop the team’s expertise and professionalism.
• Build self-capacity through on-going learning and development.
• Ensure on time implementation of PDM performance development, coaching and annual appraisal.
• Build and maintain relationship with staff, supervisors and other stakeholders.
• Perform other tasks as assigned by supervisor.

• Relevant IT qualification to Computer Science or Information Technology.
• At least 4 years of information security experiences or IT audit.
• Proven experience of developing, submitting IT audit, and compliance report to governing bodies, legal and/or external authorities.
• Experience with common information security management frameworks, such as International Standards Organisation (ISO) 27001, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
• Proven experience in the implementation and monitoring of service performance KPIs, performance metrics, service standards and agreements.
• Experience of implementing and managing PCI-DSS compliance.
• Demonstrate experience of designing, developing and implementing information security policies within an overall Information Management strategy.

We offer competitive remuneration package and opportunity for career and personal development.

Apply: job@wooribank.com.kh

Phone: 087 666 870

Head Office Address: Building #398, Preah Monivong Blvd, Sangkat Boeung Keng Kang I, Boeung Keng Kang, Phnom Penh.