Scope of work / Key objectives / Primary Purpose:
To support and maintain all relevant info security certifications (Example: ISO27K, PCIDSS, OSPAR, SOC1)
To assist the Information Security Manager (ISM) in implementing, maintaining and enhancing the company's Information Security Management System (ISMS).
To assist/support internal Info Security audits.
Support & participate in general Compliance Audit activities and cross scope projects.
Core Duties and Responsibilities:
To support ISM on the Design, Documentation, Implementation, Operation, Maintenance and Dissemination of the company's Information Security Management System (ISMS) throughout the company based on the ISO/IEC 27001 standards, in conjunction with the ISMS Security Committee.
To support ISM on the enhancement of the company's ISMS policies.
To support information security risk assessments and controls selection activities
To manage and maintain the ISMS security training materials to ensure relevance to the latest security policies and best practices, and to conduct ISMS security awareness training across the company and vendors.
To support the company's incident management framework, including monitoring, review, tracking and update of security incidents
To support regular reporting on the performance of the ISMS to Management (e.g. ISMS monthly KPI reports)
To organise the half-yearly ISMS steering committee meeting and take the minutes of the meeting
To liaise and work with different affiliates, customers and inter-divisions/departments on audit responses and follow up to close any info security audit finding.
To liaise and work with external auditors on the relevant info security certifications.
To support and participate in security inspections and reviews.
To support the HOD and extended division team whenever required.
To support & participate in general Compliance & Audit activities and cross scope projects (e.g. Business Risk Management)
Qualification Requirements / Experience (relevant skills):
Good degree or Diploma in Computing / Computer Science/technology or a related field
3-4 years' experience in information security management and/or related functions (such as IT audit, Information Security Governance and IT Risk Management)
Good Technical knowledge on server, network and virtualization.
Working knowledge on ISO27001/2 is preferred
Relevant certification relating to Information Security will be an advantage
Job Role Competencies:
Maintains current body of knowledge necessary to perform the Information Security Executive function
Effectively applies information security knowledge to enhance the security of IT network, systems and services.
Maintains and implements appropriate information security policies, standards, guidelines and procedures.
Necessary Skills:
Excellent written, communication and presentation skills.
Strong background in information technology with a clear understanding of the challenges of information security.
Excellent analytical and problem-solving abilities to identify and fix security risks.
Good team working and interpersonal skills, able to interface with all levels to develop security solutions in collaboration with other functions and information technology professionals
Able to manage projects independently, effective organizational and follow-up skills, paying attention to detail
Willingness to be hands-on
Ability to work in a cross-cultural environment.