#1398 - IT Information Security & Governance Manager
|Job Title||IT Information Security & Governance Manager|
|Job Description|| Establish the Information Security Plan toward to Frame ISO 27001 as well as in alignment with IT Strategic Plan,
Adhere & actively participate to the development of School IT strategy Plan, policy, procedures and standards for IT Information Security.
Play the role of Project Manager to undertake all the projects to mitigate the business risk in Information Security.
Introduce the new initiatives, actively involved in building the business case showing the project feasibility & opportunities in mitigating the business risk.
Establish the IT Governance Framework including all the Policies, Operational SOPs, IT Project Governance …
Lead the annual budgeting process, collaborate with relevant IT teams/Business Teams to complete the budget for entire of IT
Undertake the periodical Internal Audit to ensure the controls shall be set up in Technology based Solution following to Information Security Policies in place.
Ensure the School Information shall be protected in term of confidentiality, availability and Integrity.
Manage the day to day of entire Information Security Team Activities & show up the leadership role to collaborate with almost business departments to identify the business risk based on the IT solution.
Lead the Information Security Team solid including the Planning, Organizing, Leading, Staffing & Controlling
Monitor, Plan and control the growth of IT Solution & specially has plan to develop the team members to flexibly meet business development.
Translate and implement all the initiates/request from management team/business executive to minimize the business risk.
Proactively find out the issue or problem in business operation, discuss and propose the enabling solution to mitigate.
Share knowledge and Expertise in order to prepare the internal successors ready for the incumbent’s position and other lower key positions in the section or department within the time frame of employment term.
Actively Plan and conduct the Information Security awareness trainings to employees.
Periodically update the new of technology solutions/Information Security in the global/country and look for opportunities to apply for School.
Read, acknowledge understanding, stay updated, set good example of compliance with the company’s policies stipulated in various regulations, guides and manuals including but not limited to the Company policy, Staff Manual, IT Guideline, IT Instruction, Letter of Authority, Anti-corruption policy etc… Make sure all the team members should be aware of this.
Set goals and objectives for members of team to meet the objective of whole Information Security team particularly and of department objective generally.
The position strives for continuous improvement in systems & processes in the function in order to make the outputs user friendly, improve the business process, makes information more available to decision makers.
Ensure the DRP and BCP active in place.
Requires a degree in computer science or business administration
Requires proficiency in English communication.
Having experience of Education Industry is advantage
Have general knowledge of ERP, BI, IT Infrastructure & Architecture, Enterprise Architecture, Database …
Familiar with Application Development & ability to address the governance issue for improvement
Demonstrate an expert understanding or very detail area of expertise in multiple security subjects
Demonstrate the expert knowledge of law, regulation & policies, Interpret the policies & standard
Have a good leadership, management & communication skills
An expert in multi security application & Tools
CISSP, CISA, CEH will be an advantage,
Business Knowledge will be preferable
Chi Nguyen (Ms.)