• Provide the excellent supports on overall aspects of Information Security, IT Governance, IT Risk and IT Assurance.
• Operate a hands-on role involving penetration testing and vulnerability assessment activities of applications, operating systems, networks, and mobile applications on regularly basis to identify vulnerability across several systems.
• Analyze security policies configuration and provide recommendation based on industry best practices.
• Produce actionable, threat-based, reports on security testing results and present the finding to head of department and management ongoing basis.
• Conduct physical assessments of servers, systems, and network device security.
• Coordinate and lead on external and internal penetration testing projects and provide promptly update to management.
• Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation.
• Promote information governance and security at all levels of management and employees, maintaining and developing a positive culture of compliance against industry standards and regulations.
• Identify and address a full range of issues from structure and policy, through to assisting in specific areas such as data privacy; data leakage prevention / monitoring; information rights management; third party security and cryptography.
• Develop and maintain security assessment testing plans.