Senior Specialist IT Security and Governance

Tasks

Security and Compliance

• Implement information security policies, procedures and best practices to ensure compliance with security and data protection standards, including ISO27001, TISAX, GDPR, PDPA, and other relevant regulations
• Conduct risk and vulnerability assessments, identifying and mitigating potential threats
• Monitor and respond to cybersecurity incidents, ensuring appropriate resolutions and preventive measures
• Conduct training programs and workshops to promote IT security awareness
• Work in cross functional teams and business projects to provide IT and security review to ensure requirements are met

 Governance and Risk Management

• Review, localise, implement, and monitor IT governance directives, policies, procedures and ensure appropriate documentation
• Manage users’ account life cycle including users’ account creation, removal, and access rights reviews across various systems
• Support risk management activities, ensuring security controls are implemented including business continuity management

Requirements

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field.
• 2-5 years of experience in IT security, governance, risk assessment and management, vulnerability management or compliance.
• Knowledge of security frameworks and standards (such as ISO 27001, TISAX, GDPR, PDPA), access management, identity management, and IT security tools.
• Strong structural, analytical, interpersonal and communication skills
• Good team player and willing to work in multicultural environment
• Certifications such as CISSP, CISM, CEH, CompTIA Security+, or ITIL is an advantage