Deputy Head, IT Security

• To manage IT security operations (day-to-day cybersecurity operations activities, collecting sources of intelligence, analyzing and managing threats to the Bank, monitoring and conducting logging (users, applications, networks, systems, etc.)).
• To perform daily, weekly, and monthly reports and analyze suspicious events and reported from employee Monitor and generate threat report, threat prevention, offensive investigation, VPN failed login and suspicious email
• To monitor and analyze activity on networks, servers, endpoints, databases, applications, websites, ATM/CRM and malicious transaction and other systems, looking for anomalous activity that could be indicative of a security incident or compromise.
• To ensure that security incidents are correctly identified, analyzed, defended, investigated, and reported.
• To manage the cyber incident response plan, respond to incidents in accordance with response plan.
• To manage the Privilege Access Management, Email Security, Anti malware, browser isolation, and other related cybersecurity solutions tool.
• To work on Next-Gen SIEM (Security Information and Event Management) – Threat detection by log analysis/correlation by Next-SIEM, alerting from (IDS[1]/IPS , FIM[2] , WAF[3] , and Antivirus etc..)
• To lead, motivate and train IT team and guarantee their level of knowledge and expertise.
• To develop the team’s expertise and professionalism.
• To continuously improve on building information security knowledge/cyber security and technology orientation.
• To work closely with IT management team to coordinate and provide support on information security matters.
• To collaborate with respective leaders/Head department related to WBC’s information security perspective.

• Bachelor Degree in Information Technology or Computer science.
• At least 3 years experiences of recent professional experiences in IT security.
• Experience with open security testing standards including OWSAP, MITRE ATT&CK, and best practices.
• Exploit Development Experience (buffer overflows, privilege escalation).
• Proficiency with Penetration Testing Tools (e.g., Metasploit, Burp Suite, Nmap, Wireshark).
• Good understanding of the Cyber Kill Chain and the ability to display clear analytical skills.
• Knowledge and experience in penetration testing and ISO 27001 standard and enforcement.
• Experience and knowledge in Cyber Security, latest threats and attack vectors and mitigation plan.
• Clear communication of vulnerabilities and associated risks in both written reports and verbal briefings.
• In-depth knowledge of operating systems and security applications, as well as a working knowledge of network protocols and tools.
• Strong analytical, administrative, presentation, and project management skills are required.

We offer competitive remuneration package and opportunity for career and personal development.

Apply: job@wooribank.com.kh

Phone: 087 666 870

Head Office Address: Building #398, Preah Monivong Blvd, Sangkat Boeung Keng Kang I, Boeung Keng Kang, Phnom Penh.