Manager, IT Security and Compliance

Location: Head Office

Position: Manager, IT Security and Compliance

Deadline: March 31, 2023

Apply Now

Duties & Responsibilities

  • To develop and maintain technical policies and standards and promote compliance in line with regulator/corporate policies and local procedures and legal and international security standards (e.g. NBC Technology Risk Guideline, NIST framework and ISO27001 etc.).
  • Identify the associated IT compliance control gaps and oversee the documentation, implementation and testing of the entire IT compliance control portfolio.
  • Assist the end-user, other IT professionals, and external customers in requesting security variances and implementation of subsequent configuration change requests.
  • Maintains system documentation and configuration data for regulatory and audit purposes.
  • Develop and maintain documentation for security systems, procedures and security diagrams.
  • Coach and guide Service Desk and Desk Side Support technicians in their incident response, directing incident first responder actions, and appropriately escalating issues.
  • Support information security architectural requirements.
  • Ensure all IT systems and processes are complied with IT policy/procedure and well documented.
  • Conduct regularly security check on LAN/WAN of IT Infrastructure and IT Applications System for HO and Branch Offices.
  • Lead, motivate and train IT team and guarantee their level of knowledge and expertise.
  • Perform IT security training to end users.
  • Participate in IT risk assessment identification and explore and implement mitigation solutions.
  • Cyber risk assessment and compliance.
  • Work closely with the various cross-functional teams to establish, formulate, and monitor the security policies, manual and guidelines in line with WBC’s organization’s cyber security directions.
  • Check and collect backup log to ensure the backup job has been done and report to relevant staffs to take an immediate action in case of failure.
  • Monthly security checks in Data Center and DR site.
  • Regularly scan and report for unauthorized access in systems.
  • Enforce the proper implementation of IT Security in order to comply with IT Security policy and procedure.
  • Perform other tasks as assigned by supervisor.

Requirement Competencies

  • Relevant IT qualification to Computer Science or Information Technology.
  • At least 4 years of information security experiences or IT audit.
  • Proven experience of developing, submitting IT audit, and compliance report to governing bodies, legal and/or external authorities.
  • Experience with common information security management frameworks, such as International Standards Organisation (ISO) 27001, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
  • Proven experience in the implementation and monitoring of service performance KPIs, performance metrics, service standards and agreements.
  • Experience of implementing and managing PCI-DSS compliance.
  • Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
  • Demonstrate experience of designing, developing and implementing information security policies within an overall Information Management strategy.
  • Effective interpersonal and communication skills, both written and verbal, and the ability to explain complex issues relating to information security at a variety of levels to technical and non-technical audiences.

Benefit Packages

We offer competitive remuneration package and opportunity for career and personal development.

How to Apply

Phone: 087 666 870

Head Office Address: Building #398, Preah Monivong Blvd, Sangkat Boeung Keng Kang I, Boeung Keng Kang , Phnom Penh.

Customer Service Care

We always available to solve your problem in just a few minute!

+855 23 963 333

Download, the WOORI WON

Get your app lastest version now

Personal Banking

Business Banking

Digital Banking

About Us