26 April 2021
Our client is seeking an experienced specialist to develop and manage cybersecurity risk management and compliance projects.
- Degree in Information Security, Computer Science or Computer Engineering;
- Minimum 3 years of experience in Cybersecurity Risk Management / Governance / Compliance;
- Strong understanding of cybersecurity processes, technical controls and risk management tools;
- Good knowledge of ISO 27001, NIST 800-53 and NIST Cybersecurity Framework;
- Experienced in using assessment tools and control testing measures;
- Excellent understanding of regulations such as the Cybersecurity Act, TRM Guidelines and PDPA;
- Excellent communication, analytical and organisational skills;
- Proactive, performance-driven and able to work independently.
- Certified Information Security Manager (CISM) / Certified Information Systems Auditor (CISA) / Certified Information Systems Security Professional (CISSP).
- Evaluate cybersecurity policies, processes and internal standards while adhering to industry guidelines;
- Work closely with various stakeholders to establish compliance with policies & standards;
- Collaborate and support teams on risk management, mitigation and remediation measures;
- Conduct cybersecurity risk assessments and provide advisory;
- Liaise with internal and external audit teams to support cybersecurity audits and reviews;
- Prepare business impact analyses and develop cybersecurity risk treatment plans;
- Develop security metrics for the cybersecurity risk landscape and share key insights with senior management;
- Conduct cybersecurity training to enhance the level of awareness and compliance.