LEAD, CYBERSECURITY & INFRA

Job Description

- Be the main point of contact for all issues pertaining to MoneyOwl CyberSecurity, Corporate IT and DevOps environment(s). 
- Design and lead the cyber security strategy, including but not limited to, Prevention (Firewall, DLP and etc), Threat Detection (internal sensors in place such as IDS, SIEM and etc) and Response (Incident response). 
- Provide advisory and solutioning on new security threats and vulnerabilities, including vulnerability assessments, security reviews of IT systems, network and core applications. 
- Develop, review and execute information security management framework and related IT Security policies within the company, including continuous assessment of IT security practices and policies to improve the security posture of the company. 
- Develop, review and update of the IT Business Continuity Plan. 
- Lead initiatives to assess the adequacy and effectiveness of IT controls and policies, ensuring that business users are compliant to the IS standards (ISO 27001, PDPA and etc). 
- Oversee the development and execution of corporate security awareness and training programs. 
- Lead a Cyber Security (external partners) team to manage end-to-end process across Cyber Security, IT Governance and IT Risk. 
- Enhance early detection capability through leveraging internal security data (Performing analysis of forensic evidence, log data, compromised hosts, and network traffic) and external sources (industry portals and etc) to identify existing gaps in security control and close the gaps. 
- Conduct information security incident investigations and propose relevant corrective and preventive measures. 

Work Location (MRT)

Work Location