Senior Manager, IT Security Governance & Compliance

• To develop and maintain technical policies and standards and promote compliance in line with regulator/corporate policies and local procedures and legal and international security standards (e.g. NBC Technology Risk Guideline, NIST framework and ISO27001 etc.).
• To develop and maintain technical policies and standards and promote compliance in line with on ISO 27001:2022
• To lead, develop and maintain the implementation of PCI DSS and PIN Card Payment Security, and Data Security (Data Classification & Data Loss Prevention solution).
• SWIFT Customer Security Program.
• To develop and maintain IT governance and compliance policies.
• To ensure policies are up-to-date and aligned with regulatory requirements.
• To communicate policies to relevant stakeholders.
• To monitor adherence to policies and recommend updates as needed.
• To implement zero trust architecture (ZTA) by assessing zero trust maturity model (ZTMM) across five distinct pillars as Identity, Devices, Networks, Applications, and Workloads and Data.
• To work with internal and external auditors, Woori Bank HQ, and regulatory body.
• To work collaboratively with WBC compliance, internal auditing, risk management and work with various technical teams in the design and Implementation of audit, risk assessment and regulatory compliance practices.
• To establish, promote and aware for IT security awareness and training to foster an effective security culture within the Bank.
• To tailor IT Security Awareness training and deliver training programs to educate employees about compliance requirements and best practices.
• To establish of strategies for information protection, personal information protection, and credit information management and corporate data protection.
• To perform other tasks as assigned by supervisor.

• Relevant IT qualification to Computer Science or Information Technology.
• At least 4 years of information security experiences or IT audit.
• Proven experience of developing, submitting IT audit, and compliance report to governing bodies, legal and/or external authorities.
• Experience with common information security management frameworks, such as International Standards Organization (ISO) 27001, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
• Proven experience in the implementation and monitoring of service performance KPIs, performance metrics, service standards and agreements.
• Experience of implementing and managing PCI-DSS compliance.
• Demonstrate experience of designing, developing and implementing information security policies within an overall Information Management strategy.
• Effective interpersonal and communication skills, both written and verbal, and the ability to explain complex issues relating to information security at a variety of levels to technical and non-technical audiences.

We offer competitive remuneration package and opportunity for career and personal development.

Apply: job@wooribank.com.kh

Phone: 087 666 870

Head Office Address: Building #398, Preah Monivong Blvd, Sangkat Boeung Keng Kang I, Boeung Keng Kang, Phnom Penh.