POSITION DESCRIPTION
Reporting to Head of IT Security Department, IT Security Governance Manager will be responsible for working with subject matter experts (SME) and management to write and manage information security policies, standards and supporting documentation. More than a technical writer, the roles should be familiar with information security related tools and risk management concepts and standards, as well as a general understanding of information technology systems and terminology.
DUTY &RESPONSIBILITY
- Implements security controls, a risk assessment framework, and a program that align to regulatory requirements, ensuring documented and sustainable compliance that aligns with and advances bank business objectives.
- Evaluates risks and develops security standards, procedures, and controls to manage risks.
- Improves the bank's security positioning through process improvement, policy, and automation.
- Defines and documents business process responsibilities and ownership of the controls in governance tools.
- Schedules regular assessments and testing of effectiveness and efficiency of security controls and delivers the report on a timely basis.
- Update security controls and provide support to all stakeholders on security controls covering internal assessments, regulations, protecting PII data, and PCI DSS.
- Assist other staff in the management and oversight of security program functions.
- Collaborate with cross-functional teams to ensure alignment of security initiatives with business objectives.
- Assess and monitor cybersecurity posture and security best practices within the bank environment.
- Trains, guides, and acts as a resource on security assessment functions to other departments within the bank.
- Contribute to the development and maintaining cyber security awareness posture of IT security policy, industry standards, and regulations.
- Assist in monitoring and analyzing security-related systems and solutions under IT security governance (DLP, MDM, and GRC).
- Handle other tasks assigned by the head of department.
QUALIFICATION
- Master's or Bachelor's degree in cybersecurity, IT, computer science, or other related fields.
- Minimum 4 years’ experience covering IT security, IT risk assessment, or cybersecurity domain.
- Knowledge of IT security concepts, computer science, or a related field.
- Outstanding leadership, organizational, and time management skills.
- Basic understanding of security principles and best practices.
- Good communication and interpersonal skills.
- Ability to work both independently and collaboratively in a team environment.
- Basic analytical and problem-solving skills.
- Familiarity with industry standards and frameworks such as PCI-DSS, ISO 27001, NIST, or COBI.
- Willing to learn, fast learner, flexibility, self-motivated, and "can do" attitude.
- Relevant certifications such as CCNP, SSCP, CISA, CISM, CISSP, or equivalent are a plus.
How to apply
Interested and qualified applicants should submit your updated Cover Letter and CV stating the position applied for with your current photo (4x6) through hr@canadiabank.com.kh
