Information Security Management Officer

Job Summary:    

Formulate and recommend information security policies and procedures to meet the bank’s information security objectives and ensure effective implementation. Monitor the accomplishments of the plans and programs of the Division.  Plan and execute the annual security awareness program.


Specific Duties & Responsibilities:

  • Formulates, recommends and reviews information security policies and procedures to meet the bank’s information security objectives.
  • Addresses information security policy gaps on physical, environmental, personnel security, business continuity and secure application development lifecycle management.
  • Establishes and implements an Information Security Advocacy, Awareness and Training Program to include the latest information security threats, issues, best practices, methodologies, standards and advisories.  Prepares content for publishing/release.
  • Analyzes results of the Awareness program to determine success rate, improvements in the program and where employees need information security knowledge reinforcements.
  • Liaises with other units of the Bank on their information security governance, risk and compliance related duties, responsibilities and practices.
  • Serves as point of contact for ISD BSP-related requirements and compliance requirements.
  • Monitors accomplishment of tactical plans and programs.
  • Works with other ISD Departments to ensure closure of audit and compliance exceptions.
  • Proactively works with the Department Head in managing accomplishment of tasks and deliverables.
  • Performs other information security related duties and responsibilities as directed by the Department Head.

Job Specifications:

  • Experienced and well versed in information security risk assessment and management
  • Has experience in information security governance, risk management, Compliance Audit and Policy Framework, Metrics Measurement, Awareness, Training, and Advocacy
  • Extensive knowledge of various information security governance frameworks, and experience managing information security strategies and programs
  • Has working knowledge, understanding and experience in bank processes, IT processes, access controls, data security, controls assurance, controls and risk assessments.
  • Strong attention to detail, analytical, and problem-solving skills; strong learning agility with the ability to learn new processes.
  • Preferably with an IS security-related certification such as CISM or CRISC.
  • Knowledgeable on various compliance and regulatory requirements (e.g., BSP, DPA, PCI-DSS)
  • People management skills: ability to lead and work well with the team and with internal and external clients. Has good teamwork and collaboration skills: a good team player with the ability to lead security initiatives.
  • Good project management skills: to lead and manage accomplishment of assigned tasks.
  • Possesses excellent time management skills and thrives in a fast-paced, demanding environment
  • Is a self-managed self-starter with good organizational skills, including good follow-up skills
  • Be able to work under pressure on multiple tasks/projects simultaneously.
  • Good written and verbal communication skills: able to articulate and explain complex security topics in simple language and in concise, easy-to-understand concepts.
  • Knowledge of MS Office tools such as PowerPoint, Word, Excel and Project