Lead/assist and participate in Information Security audit and Risk Management by using various Information Security framework (PCI DSS v4.0, ISO/IEC 27001:2022, NIST, Cobit and etc), including audit scoping, evaluation, testing, reporting and issue follow-up.
Conduct audit and risk on various processes, technologies, and platforms, such as UNIX, Windows, DBMS (SQL, Oracle, DB2), AD, AS/400, Network and etc.
Identify technology risks and recommend appropriate controls based on risk level, business requirements, and feasibility of implementation.
Consult clients to evaluate and make recommendations on process and control design improvements.
Prepare and deliver clear, concise and effective communication, both oral and written, to all levels of management.
Requirement
Bachelorβs Degree in Cyber Security, Computer Science, IT, System Engineering, or any related field