Assistant Manager, IT Security and Compliance

• To define the user role access matrix and quarterly review for compliance report.
• To enable the user activity logs or audit trail and monthly reviewing for compliance report.
• To improve the IT service of user request for creating user account on the system.
•  To review report for the active user, in-active user, staff resign/movement, staff prolong leave, officer in-charge (OIC), new staff join, terminated staff, and user request.
• To develop the policies/procedures /standards/guideline of user access management to align with the real practical in WBC’s system.
• To define dual control password for super ID account of the WBC system.
• To explore or research on the international certification standard, regulatory, certification best practices in order to implement the information security Policies/Manuals/Guidelines.
• To maintain the policy documents for alignment with the regulatory, currently practical and audit purposes.
• Prepare the details work manual which under his/her responsible tasks as roadmap for guiding new teammate or backup person easy to understand.
• Collaborate with the responsible person and WBC compliance, internal auditing, risk management and work with various technical teams in the design and implementation of audit, risk assessment & regulatory compliance practices.
• Build self-capacity through on-going learning and development.
• Other tasks will be assign by line manager.

• Bachelor degree’s certificate relevant IT qualification to Computer Science or Information Technology.
• At least 2 years of information security experiences or IT audit.
• Proven experience of developing, submitting IT audit, and compliance report to governing bodies, legal and/or external authorities.
• Experience with common information security management frameworks, such as International Standards Organization (ISO) 27001, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
• Experience of implementing and managing PCI-DSS compliance
• Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
• Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management
• Experience in solving information security issue, and utilities and solution.

We offer competitive remuneration package and opportunity for career and personal development.

Apply: job@wooribank.com.kh

Phone: 087 666 870

Head Office Address: Building #398, Preah Monivong Blvd, Sangkat Boeung Keng Kang I, Boeung Keng Kang, Phnom Penh.