IT Security Manager

Essential Skills / Qualifications:

• Knowledge of information and cyber security management systems and information security governance (information risk management, business continuity and recovery strategies, incident handling concepts), security administration, network systems, operating systems, security operations system, SIEM.
• College graduate of Electronics & Communications Engineering or Information Technology or any related course
• Minimum of 5 years experience working on security related jobs with the same qualifications as mentioned.
• Certification like CompTIA Security+, CISA, CISM is an advantage

Overall purpose, duties and responsibilities of the role:

The IT Security Manager is responsible for overseeing information security, cybersecurity and IT risk management programs based on industry-accepted security and risk management frameworks.

Duties and Responsibilities:

• Develop, implement and maintain the following:
• Globally-accepted security programs, policies and procedures in compliance with industry related standards
• Other security programs in pursuit of new regulatory or legal compliance as authorized and approved by the management
• Monitor and handle security incidents in accordance to established Incident Management Procedure which may involve coordination with other departments and external parties
• Review and analyze cyber security incident response activities and technical investigations of security-related incidents in relation to incident management process
• Maintain reliability and integrity of the IT infrastructure by developing, implementing and exercising disaster recovery plan in relation to business continuity
• Lead the assessment of the security posture of IT systems, applicability and effectiveness of implemented controls
• Maintain technical security controls managed by the department by conducting regular maintenance activities not limited to backup of systems and vulnerability assessments
• Develop and maintain processes, procedural documents and up-to-date inventory of deployed and implemented security controls
• Support in the development and conduct of approved information security awareness program to all employees and third-party personnel engaged with the company
• Assist in providing technical consulting services in accordance with approved standards to other departments on matters related to information security
• Assist the department in coordination with the Compliance, Audit and Risk Teams to achieve regulatory and legal compliance
• Regularly coordinate and work with IT Governance team to ensure that IT Security initiatives are aligned with the overall governance framework, standard and requirements.