Position Details

Summary

Job purpose

Main role is to manage governance level and secondary control for User Access Management. Aside from that, there resource will also handle support for IT security devices management, IT/Info Sec Governance policy making, IT risk management, and other related task to IT/Info Sec.

 

Responsibilities

  • Periodically monitors the creation, modification, and deletion of user accounts and access rights of user accounts and access rights of users to specific information systems.
  • In coordination with the information asset owners and system administrators, maintains the user access matrix for all information systems and determines the appropriate access rights to be given to Company personnel
  • Review/Update Policies related to Access Management
  • Facilitate/Assist companywide security risk assessment of information asset
  • Review, recommend, approve and/or disapprove the risk mitigation plan of various departments/divisions regarding the level of protection of information assets
  • Monitor and analyze security risks for all Company initiatives and operations relative to its defined risk limits
  • Create/Develop materials for monthly Information Security Awareness bulletin
  • Create periodic security performance report for security devices services
  • Documents and monitors deviations from security policies
  • Monitoring of security-related event logs of all critical information systems and security event logs
  • Develops, updates information security standards, technology-related guidelines and procedures in coordination with concerned groups to address updates on information security policy
  • Coordinates with the network, system administrators and other security services provider to monitor and ensure consistent security functionality across different hardware/software platforms
  • Tests and evaluates application-based access control systems before implementation
  • Monitors that only authorized software and licensed products are installed
  • Performs independent technical security assessment of critical servers and network devices
  • Monitors the market for new security solutions such as firewall products, single sign-on, encryption, password generation and secure internet working and recommends security solutions that may be implemented
  • Researches the viability and applicability of emerging security technology and assess vulnerabilities with emerging technologies

Maintains current information on vulnerabilities and controls that serve as the basis for technical controls to protect the Company against both current and emerging threats

Job Qualifications

  • Bachelors Degree
  • Graduate of IT related course
  • With at least 3-5 years of solid experience

 

Skills and Competencies Requirements

  • Excellent technical skills
  • Project management

Application Form