Primary Responsibility
• Review IT Security policies set by PCA• Ensure IT Security controls and processes are implemented in accordance to PCA IT Security Policies, Procedures and Baseline Standards that cover 9 areas: Perimeter Defense, Network Segmentation, Identity and Access Management, Application Security, End Point Security, Patch and Configuration Management, Log and event Management, Penetration testing and Vulnerability Scanning, and Encryption• Align and support the tactical adoption of Regional IT Security initiatives• Ensure IT security assessments and the respective security testing are conducted for all major projects and initiatives in line with the PCA IT Security Policies and Standards• Ensure IT security risks are identified, communicated and escalated as and when needed to the IT Risk• Provide focused communication with PCA IT• Implement Network and Application Security Monitoring for key security events• Handle the IT Security Incident Management, incident discovery and recovery, and incident reporting Acting as Primary Support during security incident, reporting repeated/related security incidents to Information Security Manager (ISM) and PCA IT for follow-up• Manage Privileged Account Management system (CyberArk) Ensure privileged IDs are properly used, monitored and managed Direct and implement the necessary controls and procedures to protect information systems assets from unauthorized access• Manage and review Access Control Matrix for critical systems like AS/400, Life/Asia, CM/WF, Windows Domain, etc semi annually• Perform and ensure that IT security vulnerabilities assessment and penetration test are done on schedule Support the remediation of IT security vulnerabilities and penetration results• Ensure that IT Security Patch Advisory published by PCA IT Security is reviewed and patches are tested and applied on schedule• Review the configuration of network devices, servers, applications, and databases in compliance with the PCA IT Security baseline standard on semi-annual basis Support the remediation on any configuration that does not comply to the standard• Involve in the IT DR plan to ensure the IT security related matters are adequate
Qualification
Qualification
• Degree in Computer Science or Engineering• Prefers to have professional certification like CEH, CISSP, etc• Min 5 years’ hands on experiences on IT Security• Have experiences in Business Continuity and IT Risk Management• Proficient in the following IT Security skills: o Infrastructure, Network, and Application Security o Operating System Security on OS/400, AIX, Unix, Linux, and Windows o Database Security on Oracle, DB2, and Microsoft SQL Server o Encryption and Middleware technology o Penetration test, Vulnerability assessment, and Hacking skills• Skill in IT Governance, BCP and DR, and Risk Management• Effective communication, interpersonal skill, and strong leadership• Strong analytical and problem solving skills
Informasi lebih lanjut
Bidang Pekerjaan |
Status Kepegawaian |
Petugas Klaim/Broker Asuransi, Hardware/Software Engineer
|
Full-Time
|
Pendidikan Terakhir |
Gaji |
-
|
Sesuai Peraturan Perusahaan
|
Tingkat Jabatan |
|
-
|
-
|
Powered By