This position is for Myanmar nationals only.
PURPOSE OF THE ROLE
To Lead the Information Security structure and responsibility for Information security Governance, Risk, and Compliance in addition for planning and design of end-to-end security system for both IT and Network in daily operation.
- Supervise and advice on security vendor in all operations related to information security systems
- Conducting Risk Assessment and Vulnerability Assessment for all related IT and Network nodes.
- Defining all security risks and their associated vulnerabilities.
- Defining all threats and taking the required mitigations.
- Implementing a security risk matrix with regular actions and follow up.
- Performing the Network Security operations for all related systems: Firewalls, Intrusion Prevention Systems, Virtual Private Network, Public Key Infrastructure, Content Security, Security Events Management System, Identity and Authentication Management Systems...
- Following up all nodes and Systems are up-to-date patched, hardened, and configured in consistence with related policies, vendor recommendations and best practices.
- Providing in-depth support for information security incidents including internal violations, hacker attacks and Denial of Services.
- Assisting with the investigation of security breaches, policy violations and other security incidents.
- Performing integration of security systems with other nodes and systems.
- Designing, Implementing and managing the Information Security Operation Center.
- Develop regular consolidated information security reports from all security events gathered from various systems
- Perform regular checks and audits related to information security and reporting.
EXPERIENCE AND QUALIFICATIONS
- University Graduate in Computer Engineering, Telecom Engineering, Computer Science, or equivalent experience. (CISSP is preferred)
- 5+years of experience in information security and controls background in IS industry, Banking, Telecom operator is preferred
- Experience in good knowledge of information security standards ISO 27001, BS7799 and Telecom applications
- Excellent communications skills
Only eligible applicants will be contacted directly by the Ooredoo Myanmar Talent Acquisition Team. Candidates who do not meet the requirements will be kept in our database for any future vacancies.