Manager, Information Security & Governance

Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.

What are we looking for?

We are looking for a Manager, Information Security & Governance to responsible for developing and maintaining our security policies, procedures, and
controls. You will also be responsible for conducting security audits and risk assessments, and for investigating any security incidents that occur. Ensure that company is properly protected against information security risks.

What are we expecting from this role?

• Lead, Create and oversee an organization-wide information security program.

• Take lead and coordinate both IT/ IT Security Governance to fulfill the group governance manual

• Develop, implement, and maintain security standards and procedures

• Provide advice and assistance to management concerning information security, privacy, and related matters.

• Track and assess information and security-related matters.

• Report information security breaches and vulnerabilities to management and to appropriate authorities.

• Support business by performing the Privacy Impact Assessment and recommend the solution. 

• Proactively identify, assess, manage, and mitigate potential threats to security by following relevance incident respond procedure/ standards. 

• Ensure that security policies and directives are consistently applied.

• Develop and implement programs for employee security awareness

• Ensure compliance with Technology, IT Security, Data Protection and relevance Information Security local regulations, Law, and standards. 

• Support business to perform the Third-party Information Security due diligence

• Manage, direct, and coordinate Information Security Quality Assurance to ensure the effective implementation of Information Security and Privacy Control and ensure the business casual operational 

• Manage identity access management processes such as access rights review and privilege access management system

• Oversight on Cyber Security such as patch management, end point security, security incident management, network access control, encryption, penetration testing, Anti-virus, Virtual Private Network, Firewall, etc.

• Coordinate for Disaster Recovery planning and Business Continuity fulfillment

• IT Security Budget exercise including Planning and Cost Optimization

• Take part/ lead in the Risk Control Self-Assessment by ensuring the proper Technology and Privacy Risk and control is in place. 

• Support business and T Department settling all technology governance  compliance related compliance matter by playing a role as First line of defense 

• Other tasks assign from line manager

Who are we looking for?

• Minimum of 5 years’ working experience in information security

• Exellent knowledge of Internet security, including Internet architecture, protocols, and applications

• Experience with network and end point configuration, IT risk control and cybersecurity including Cyber Hygiene, Data Security, End point security, Security Incident Response, Database security.,etc 

• Experience with Data Privacy, IT/ Security Governance and IT Auditor concept

Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.