Create your free CV! Get a ready-made CV for free by completing 80% of your career profile.  Complete your profile
Ooredoo

Information Security Risk, Audit & Compliance Senior Manager

Job Summary

Ooredoo Myanmar is practicing innovative ways of working especially during pandemic time and we have started implementing a new opportunity type for remote working at different levels in various areas. And this role is part of remote working role. This role has to give advice to Ooredoo Myanmar Management Team when it comes to ISRM Matters.

  • Minimum Qualification: Masters
  • Experience Level: Senior level
  • Experience Length: 12 years

Job Description/Requirements

ROLE ACCOUNTABILITIES

  •  Development of Information Security Strategy and Roadmap (e.g., Security Plans, Propose Target Security Operating Model etc.)
  • Development of Information Security Framework which outlines Company Security Objectives, Code of Ethics, Roles and Responsibilities, Risk Management and methodology, Incident Management, and among others to ensure implementation of the information security Goals. 
  • Performs Information Security Architecture review to ensure communication over IT and Mobile/Telco network are conducted in a secure manner.
  • Application Security and Software Development Life-cycle (SDLC) Enforcement.  Enforce the relevant mandatory security controls and various gating points before a project/system is allowed to go live (e.g. risk assessment, security design, security testing, etc.)
  • Manage Penetration Testing and Vulnerability assessments (e.g., Definition of RFP, Scope of Work, Deliverables, ensure project completion based on agreed scope, etc.)
  • Support Company Threat and Vulnerability Management – Monitors IT threats that are reported externally (e.g., SANS, US-CERT etc.) and discovered internally and coordinates the timely communications and remediation.
  • Support Risk Management - Risk analysis, Assessments and Testing.  Coordinates with various IT and Business units and ensures that IT Risks are managed and documented.
  • Participate in critical projects Go/No-Go decision and ensure that all critical requirements (e.g., closure of critical security issues, ensure availability monitoring, etc.) on security, functionality and process are considered.
  • Manages the Security MS Partner day to day activities, KPI and SLA’s.
  • Conducts weekly Security working group meeting incl follows plus conducts mthly Security Governance Meetings with OML Management.
  • Prepare Information Security report as required by external party such Ministry of Transports and Communications and other Government requirements.
  • Reporting to Senior Management on Security Plans (e.g., Security Projects, Security technologies etc.)

 

EXPERIENCE AND QUALIFICATIONS


  •  Bachelor Degree in IS or Computer Engineering
  •  Equivalent Qualification of min 3 of the 7 is mandatory (CISSP, CISM, CRISC, CISA, BCCE, AMBCI, CWNA)
  •  Hand on experience in ISO 22301 BCMS/ ISO 27001 ISMS audit experience
  •  12+ years’ experience in ISRAC, Telecoms of Banking industry.
  •  Strong experience in ISRCA domain with relevant trainings & Audit Experiences
  •  Strong understanding of Security Operations Management, Systems and Applications

 

Only eligible applicants will be contacted directly by the Ooredoo Myanmar Talent Acquisition Team. Candidates who do not meet the requirements will be kept in our database for any future vacancies.


Share Job Post

Stay Updated Join our newsletter and get the latest job listings and career insights delivered straight to your inbox.

Log In to apply now

Activate Notifications Stay productive - get the latest updates on Jobs & News
Activate
Deactivate Notifications Stop receiving the latest updates on Jobs & News
Deactivate
Yangon
| Full Time |
MMK 200,000 - 400,000
1yr
Yangon
| Full Time |
MMK 200,000 - 400,000
1yr
Yangon
| Full Time |
MMK 200,000 - 400,000
1yr
Yangon
| Full Time |
MMK 400,000 - 600,000
3mos