Expert, Cloud Security

1. Cloud Cybersecurity risk and compliance framework and management: Accountable for development of the Cloud Security Design framework for new technology solutions. Responsible for embedding best practice security through evaluation of suppliers. Responsible for establishing security requirements needed to provide services securely. Ensure compliance to current standards ISO27001, 27017-27018, PCI-DSS. Defining requirements for risk and security and ensuring they are achieved. Drive cyber security strategy compliance. Align activities to current BAU audit activities from legacy business to ensure consistency in approach. Manage and liaise with regulators. Identify, highlight and remediate information security risk in the Bank 2. Policy, Standards and Processes: Planning, studying and then designing a resistant security architecture for various IT/IT Security projects (clould/onpremise). Test and evaluate new security solution/new security technology. Make sure that all workers follow the necessary corporate security policies and procedures that are defined, developed, implemented, and maintained for a seamless workflow. Buildup/develop security architect rule and apply to practice. Comply with the Bank’s Information Security Policy, Regulations, Standards, and Process. Provide feedback to enhance the current policies, regulations, standards and processes where necessary. Communicate and ensure all staff understands and comply with the Information Security Policy, Regulations, Standards and Processes 3. Operations, Reporting and Administration: Ensure that the Information Security Strategy and Plans are implemented as planned. Ensure that Information Security process are followed diligently. This may include Risks Management, Operating Security Services/Tools to support the Information Security Program of the Bank. Control approve the request/changes related to security, control activities of IT security: implementing, operating, vulnerabilities management. Contribute to the IT Security Dash Board for Management. Work with both internal/external audit during audit programs. Training IT security awareness. Collect, analyze and produce report for IT Security every month 4. Area of Information Security Specialization: Provide the appropriate guidance and advisory in the area of specialization. Be able to contribute to the Bank in terms of documentation, transfer of ideas and implementing the plans in the area of specialization.