Reporting To (position):
DKI Jakarta, Indonesia
The ideal person is responsible for managing global ICT information security activities including reporting, assessing potential security violations, recommending, and implementing security best practices. As well as managing the overall Information Security Team.
Duties & Responsibilities
- Liaises between team members and management.
- Lead team members in completing assignments, projects, and activities.
- Provide security standards and guidelines for protecting information assets.
- Coordinates, administers, communicates and maintains the Information Security Program.
- Identifies new initiatives and brings improvements in processes and systems.
- Ensures compliance to information security policies, standards and procedures.
- Investigates, assesses, tracks, resolves and reports suspected violations of policies and procedures in coordination with peers.
- Creates and maintains information security awareness training materials and assessments.
- Coordinates internal information security readiness exercises.
- Manages regular vulnerability scans of systems, collates findings and ensures close out of discrepancies.
- Liaises with external security service vendors.
- Manages the Information Security team covering performance, define accountability and performance objectives, provide feedback and guidance. Ensuring that all quality objectives and policies are understood and adhered to.
Skills & Qualifications
- Wide knowledge in Information security risk management.
- Hands on experience in implementing and management SIEM system.
- Working experience with security tools such as IDS/IPS, firewalls, end point security suites.
- Experience in O365 security policy configuration and administration.
- Good understanding on the various security standards such as ISO27001, SOX, NIST, IT general controls, etc.
- Excellent English communication skills both written and verbal.
- Strong people management skills.
- Ability to multi task and work across multiple projects.
- Security certification (Preferable): IS lead auditor, CEH, CHFI, CISA, CISM, CISSP.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills.