Talent.com
Tawaran pekerjaan ini tidak tersedia di negara Anda.
IT Security Manager

IT Security Manager

Sun LifeJakarta Selatan, Jakarta Raya
24 hari yang lalu
Uraian Tugas

Job Description

Job purpose

  • Ensure all IT Security & Governance deliver services above the agreed SLA.
  • Ensure all IT Security & Governance projects are delivered as per requirements and within cost and time.
  • Ensure IT Security & Governance expenses are within the budget, or acceptable variance.
  • Ensure IT Security & Governance team is equipped and motivated to deliver their tasks.

Major accountabilities

  • Lead and manage day to day activities and development of IT security and governance team and working as subject matter expert in area of IT Security & Governance to provide high level consultation and guidance for IT team and / or business users.
  • Develop and maintain local IT security related operating guidelines based on corporate policies and standards.
  • Define and implement accurate control, documentation and regular revalidation processes for all system access rights provisioning and software licenses usage.
  • Manage project coordination and reporting as assigned as part of project Security Review process
  • Work closely with IT Security team in regional and corporate for alignment of required Security Advisory activities, projects, and reporting.
  • Formulate action plan, tracking, reporting and timely resolution of all relevant incidents / problems / audit findings.
  • Lead the coordination and work closely with other IT team stakeholder to support External and Internal Audit related to IT General Control Audit (ITGC), ISO 27001 and Bussines Internal Audit, specifically in relation to Information Security area.
  • Specialized knowledge

    Understanding of Life Insurance Business Processes.

    Overall understanding of IT Security & Governance that covers :

  • IT Architecture Security review
  • Expert knowledge and experience in IT Security & Governance related processes and implementations.
  • Good knowledge and experience in IT Security Framework and controls : NIST, ISO 27001, COBIT, SOC2, PCI DSS, GDPR, CIS Controls.
  • Good knowledge and experience in various IT technologies such as Windows, Unix, Computer networking, Firewall, antivirus, encryption tools, web filtering, sniffer, pen-test and other related security supporting tools / systems.
  • Portfolio / Program & Project Management

    Security Incident & Problem management

    Soft Skills

  • Good communication
  • Problem solving ability
  • Negotiation / conflict resolution ability
  • Strong Leadership
  • Problem solving

    Varied to Complex depending on the situation.

  • IT Security & Governance : Predominantly Varied to Complex
  • IT Security Projects : Predominantly Varied to Complex
  • Education and experience

  • Degree in Computer Engineering / Computer Science.
  • At least 5 years of experience in IT, with minimum of 3 years in IT Security and / or team leading experience. Preferably in financial sector.
  • Certification in CEH, CHFI, ECIH, CISM, CISSP, and ITIL, Six Sigma or other relevant industry standard is preferable.
  • Communication scope

    Internal

    Business users, IT Management and other department leader. IT Application and Production Support team. Corporate, Regional and Enterprise Services Security Team Internal Audit

    External

    Security and technology Interest Group, External Audit, Vendors , Regulatory body in relat to Cyber Security response, BSSN, etc.

    Management scope

    Total number of direct reports : 1

    Metrics (if applicable)

    Other metrics (specify) : Business SLA

  • Desktop Security Incident Response
  • IT Infrastructure Security Incident Response (Server, Network)
  • Quarterly Internal and External Scan
  • Vulnerability Management Report KRI (Critical, High, Medium, Low) – Open VIT past target, in progress and in-flight
  • Penetration testing finding (Critical, High, Medium, Low) - Open Findings past target, in progress and in-flight
  • Risk KRI from ISRA – Open Risk from ISRA
  • Security Access Provisioning
  • Security Dashboard and KRI
  • Malware, DAT compliance, Unauthorized software, Email filters, USB port lockdown, network intrusion, Penetration tests and ISAT
  • Travel required (express as % of working time) : N / A

    Job Category :

    IT - Technology Services

    Posting End Date : 29 / 09 / 2025

    Buat peringatan pekerjaan untuk pencarian ini

    It Manager • Jakarta Selatan, Jakarta Raya