26 April 2021

Our client is seeking an experienced specialist to develop and manage cybersecurity risk management and compliance projects.

Mandatory Skill(s)

  • Degree in Information Security, Computer Science or Computer Engineering;
  • Minimum 3 years of experience in Cybersecurity Risk Management / Governance / Compliance;
  • Strong understanding of cybersecurity processes, technical controls and risk management tools;
  • Good knowledge of ISO 27001, NIST 800-53 and NIST Cybersecurity Framework;
  • Experienced in using assessment tools and control testing measures;
  • Excellent understanding of regulations such as Cybersecurity Act, TRM Guidelines and PDPA;
  • Excellent communication, analytical and organisational skills;
  • Proactive, performance-driven and able to work independently.

Desirable Skill(s)

  • Certified Information Security Management (CISM) / Certified Information Systems Auditor (CISA) / Certified Information Systems Security Professional (CISSP).

Responsibilities

  • Evaluate cybersecurity policies, processes and internal standards while adhering to industry guidelines;
  • Work closely with various stakeholders to establish compliance with policies & standards;
  • Collaborate and support teams on risk management, mitigation and remediation measures;
  • Responsible for conducting cybersecurity risk assessment and advisory;
  • Liaise with internal and external audit teams to support cybersecurity audits and reviews;
  • Prepare business impact analysis and develop cybersecurity risk treatment plan;
  • Develop security metrics for cybersecurity risk landscape and share key insights with senior management;
  • Conduct cybersecurity training to enhance the level of awareness and compliance.