• Understand the Bank’s requirement and environment and then designs and develops the overall Identity & Access Management Governance and Regulatory Framework which follows the best practice frameworks of local regulatory or international.
• To develop and maintain technical of access control policies, manuals, guidelines in order to promote compliance in line with regulator/corporate policies and local procedures and legal and international security standards (e.g. NBC Technology Risk Guideline, NIST framework and ISO27001 etc.).
• Establishes, advises, and coordinates user’s Identity & Access Management compliance framework with IT relevant teams.
• Develops and implements Identity & Access Management Standards in line with internal policies and global frameworks by working with and managing senior stakeholders.
• Identifies roles for staff, processes, and technologies required for trusted identification, authentication, and authorization within the Trusted Identity systems.
• Study and consider to on-board the system solution tool for Privileged Access Management.
• Defining the user role access matrix and quarterly review for compliance report.
• Enabling the user activity logs or audit trail and monthly reviewing for compliance report.
• Improving the IT service of user request for creating user account on the system.
• Periodically reviewing report for the active user, in-active user, staff resign/movement, staff prolong leave, officer in-charge (OiC), new staff join, terminated staff, and user request.
• Defining dual control password for super ID account of the WBC’ systems.
• Develop and lead training and awareness sessions with the relevant IT Teams to promote a culture of security, privacy and advice business and sector leads to understand how Identity & Access Management requirements affect their area.
• Induction the Identity and Access management policies, manuals and guidelines to new on-board IT staffs in order to aware them of their responsibilities.
• Monitor and maintain the corrective practical of user creation, deletion, modification request and approve.
• Review and analyze new products and services, including online and mobile applications, to meet Identity & Access Management requirements.
• Provide the supporting the required documents from HQ, internal and external audit, SWIFT, PCI-DSS, NBC, etc.
• Implementation of the finding points for improving the IT Security controls based on the findings recommendation.
• Update report properly about the status of the finding implementation to the IT management.
• Raise or propose for any concerns the missing controls to the IT Management for further action.
• Develop the team’s expertise and professionalism.
• Build self-capacity through on-going learning and development.
• Ensure on time implementation of PDM performance development, coaching and annual appraisal.
• Build and maintain relationship with staff, supervisors and other stakeholders.

• Relevant IT qualification to Computer Science or Information Technology.
• At least 4 years of information security experiences or IT audit.
• Proven experience of developing, submitting IT audit, and compliance report to governing bodies, legal and/or external authorities.
• Experience with common information security management frameworks, such as International Standards Organisation (ISO) 27001, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
• Proven experience in the implementation and monitoring of service performance KPIs, performance metrics, service standards and agreements.
• Experience of implementing and managing PCI-DSS compliance.
• Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
• Demonstrate experience of designing, developing and implementing information security policies within an overall Information Management strategy.
• Effective interpersonal and communication skills, both written and verbal, and the ability to explain complex issues relating to information security at a variety of levels to technical and non-technical audiences.

We offer competitive remuneration package and opportunity for career and personal development.

Apply: job@wooribank.com.kh

Phone: 087 666 870

Head Office Address: Building #398, Preah Monivong Blvd, Sangkat Boeung Keng Kang I, Boeung Keng Kang, Phnom Penh.