Senior IT Security Officer (VA)

POSITION DESCRIPTION

Senior IT Security Officer has responsibility for performing information security administration and administering various kinds of information security systems and devices, such as Vulnerability Assessment Tool, Email Phishing Simulation and other tasks assigned.

‍

DUTY &RESPONSIBILITY

• Conduct regular vulnerability assessments across all IT systems, networks, and applications using industry-standard tools and methodologies.
• Analyze assessment results to identify security vulnerabilities, misconfigurations, and weaknesses in IT assets.
• Prioritize and classify vulnerabilities based on severity, exploitability, and potential impact on business operations.
• Performing endpoint hardening based on an established baseline.
• Developing comprehensive remediation plan for the issue.
• Keeping up-to-date with developments in IT security standards and threats.
• Provide technical expertise and guidance to IT teams on vulnerability management processes, best practices.
• Collaborate with IT teams to develop and implement effective remediation strategies and action plans to address identified vulnerabilities.
• Supporting remediation of any pending identified vulnerabilities.
• Support any assigned task by Manager.
• Developing and improving the skill level of subordinates.
• Providing support for any project reporting to management.
• Supporting and providing the required information for any audit activities.
• Performing any other duties as directed by supervisor.
• Comply with all applicable regulations, rules, codes, guidelines, and standards set by regulators and the bank, and carry out duties with high integrity.
• Adhere to all established risk control guidelines, procedures, and measures to identify, assess, report, mitigate, and monitor the risks involved in the day-to-day work. 

‍QUALIFICATION

• University graduate, preferably majoring in Computer Science related subjects or equivalent.
• 2+ years of experience in IT Security role.
• Extensive experience in preventing illegal activity and performing access control.
• Advanced ability to troubleshoot server vulnerabilities.
• Strong knowledge of server operating systems such as Windows Server, Linux, etc.
• Outstanding leadership, organizational, and time management skills.
• Outstanding verbal and written communication skills (in English and Khmer).
• Strong people skills.
• Formal certification would be an advantage, as would knowledge and experience in IT security such as CC, CEH, etc.
• Self-motivated and have good problem-solving skills.