Chief information security officer (Governance / Technical)

- Ensure security best practice and standard alignment such as ISO/IEC 27001, PCI-DSS (Payment Card Industry Data Security Standard).

- Evaluate and manage risk to be within acceptable risk level in order to risk assessment result.

- Responsible for protecting organization’s computers, networks and data against threats, such as security breaches, computer viruses or attacks by cyber-criminals

- Governing the implementation of the Group Information Security Framework

KEY ACCOUNTABILITIES:

- Ensure security best practice and standard alignment such as ISO/IEC 27001, PCI-DSS (Payment Card Industry Data Security Standard).

- Define, implement and maintain corporate security policies and procedures to ensure that activities are being performed effectively and efficiently.

- Make sure security policies, standards and procedures are established and enforced.

- Develop operation, system and network performance standard and measurement systems to encourage best practice and work efficiency.

- Monitor and review security performance and submit information security report.

- Provide recommendation regarding information security directions on IT Strategy and activities are being performed in alignment with security plans and policies.

- Evaluate and manage risk to be within acceptable risk level in order to risk assessment result.

- Responsible for IT security assessment and preparing recommendation report to mitigation risk

- Engage with local team to assess security threats/vulnerabilities and manage business risk to align with group standard.

- Conduct or follow up Penetration Test Result.

- Collaborate and support upon request.