The primary responsibility is to support Technology Information Security Management Team Lead to provide efficient and effective security operation, monitoring and governance for Technology-related areas for the Technology Information Security Office (TISO). Governance: Review security standards developed for technologies deployed in the bank and to ensure compliance. Engage stakeholders and service providers to formalize security processes, procedures and checklists. Manage audit issues and ensure that remedial actions are executed to address the underlying risks and timely closure of audit findings. Security Projects: Drive and manage security projects or initiatives under tight timeline. Work closely with IT PM and delivery teams to get projects delivered on time and within budget. Build working relationship with stakeholders and to provide Management with timely updates. Security risk assessment: Security review of systems ensuring compliance to bank security standards, highlight security risks, and make recommendations to mitigate the risks. Advice stakeholders on security gap remediation, track identified security gaps to closure and escalate potential delays to management in a timely manner. Security Operation : Manage the rule sets for security tools to correlate events from various devices throughout the network and identify anomalies that require further investigation. Use security tools to detect and respond to IT security incidents. Cyber-security Incident Response Team: Perform scheduled CSIRT duties, and support CSIRT Commander in the event of a security incident. Investigate indicators of compromise (IOCs) provided by Cyber Threat Intelligence or the Cyber Hunter function. Assist the CSIRT Commander in the event of a CSIRT incident. TISO BAU: Submit monthly management reports on risk related matters, Technology Risk Report, Department aligned with Group’s security standards. Support department initiatives and ad-hoc work as assigned - audit / regulatory inspection and request from the Head Office, etc

The position of requires a minimum of 5 years working experience in IT security operation, management, audit or equivalent in the banking environment. Familiar with security technologies and operational experience with SIEM and DAM security tools in an end user environment is preferred. Possess strong knowledge and experience in Windows, AIX, MS SQL anti-virus, NIDS, firewalls and network equipment. Able to articulate and/or develop Information Security principles, standards and best practices Minimum Bachelor degree required or equivalent technical expertise. Possessed one of the following professional certifications such as CISSP, CISA or CRIS