Minimum Bachelor Degree in Computer Science, Information Systems, or other related disciplines with a minimum of 1-2 years of proven experience in Information Security Governance, Risk, and Compliance or similar role
Have a good understanding of the threat, vulnerability, impact, and risk and their implementation on the business process.
Possess knowledge of as many as the following law, regulations, frameworks, and/or industry standards: COBIT, ISO/IEC 27000-series, PCI/DSS, NIST SP 800-53/30, GDPR, PDPA, PP71, UU ITE, etc
Main Responsibilities:
Perform risk management and IT governance, system, and data classification, business impact analysis, risk assessments, IT security audits, continuity planning, and disaster recovery.
Conduct assessment and development of information security policies, standards, and procedures that ensure compliance with applicable laws and regulations.
Ensure the awareness of security in the company.
Ensure controls and compliance over global customer information, financial data, and transactions.
Present and communicate the security-related program with all parties in the company.