Manager - Country Information Security Officer
Bangkok, TH, 10330
Nice to know
The candidate will be in the team of the Companies information security office. Information security team communicates directly and regularly with the Information Security Officer (ISO) and may be the Region and Group Information Security Office or a member of the Information Security Core Group. The information security manager must meet their responsibilities, which include: Ensure the policy management including IT/IS policy and its functional rules and supplement practices documents, ensure proper security training in the basic requirements regarding information security, and ensure dealing with security incidents, cyber/crisis drills, and other related matters.
Your Day at Allianz Ayudhya
- Provide input on and contribute to global policies
- Create local adaptations of global policies based on local regulatory requirements as well as create local implementation
- Establishes local policies for topics not covered in global policies
- Escalate to ISO identified breach of the requirements from the policies
- Communicate applicable corporate rules relevant to Information Security in coordination with the ISO
- Get local management and business owners aware and effective of their role in incident and crisis management
- Creates local security training initiatives as well as design, execute and report on local security trainings
- Involve and guide local incidents with Allianz Cyber Defense Centre (ACDC) and management of security related incidents including cyber security and data privacy
- Plan and manage local cyber/crisis drills
- Advise the ISO in all information security related issues, liaise with and regularly report about the information security status to the ISO
- Other security related matters upon assignments
- In respect to these responsibilities the information security team must have a local reporting line (e.g. by regular information meetings, reports) to the ISO
Must Have
- Bachelor degree in computer related field or equivalent
- Professional experience in Information Security field for 5 years
- CISM (Certified Information Security Manager) or CISSP (Certified Information Systems Security Professional) is an advantage
Nice to Have
- ISO27001 / NIST Framework
- CISSP (Certified Information Systems Security Professional) is optional
- Statistical report and systematic thinking
- Technical & professional skills and qualities
- Project planning and monitoring and Consulting Skills
- Good English communication skills are required
-