• Perform existing IT security gaps analyst to comply the regulation (NBC TRM).
• Develop up to date IT security policy, standards, and threats.
• Ensure that all new implementations of solutions are compliant with the security requirements, standards, and regulatory.
• Review IT change management and user access management to comply with current IT Policies and SOPs.
• Perform regular IT security reviews and produce IT assurance and compliance status reports.
• Provide IT security awareness for users.
• Create and manage risk register and work with various teams on ongoing basis to guide the on mitigation.
• Communicate between IT and internal/external audit on required assessments.
• Collaborate with management and the related IT Division to improve security posture.
• Document any security breaches and assess their damage.
• Coordinate and update information security incident response document to ensure processes and procedures are tested regularly in line with IT continuity, business continuity planning (BCP) and disaster recovery (DR) policy.
• Promote cyber security awareness posture at all levels of management and employees by maintaining and developing a positive culture of compliance against IT security policy, industry standards and regulations.
• All other matters ancillary to the above and to perform any other related issues that management may require from time to time.