Officer, IT Governance and Assurance


Head Office


IT Security and Governance

Application deadline: 

January 31, 2023

Job overview

  • The Assistant to IT Security and Governance is responsible for developing and implementing information security standards and procedures to ensure that all information systems are functional and secure.

Key responsibilities

  • Assist in developing and enhancing the information security policy and IT security-related policies to align with standard frameworks including but not limited to ISMS (ISO/IEC 27000 series), PCI, NIST;
  • Assist in developing and enhancing the Manual and Standard Operating Procedure of the Information Security and Governance Department, and review the Manual and Standard Operating Procedure of IT-related departments to ensure alignment with the Bank's standard policies and business requirements;
  • Assist in conducting the control gap analysis program and recommending risk mitigation and control processes for information security, and in preventing incidents through IT General Controls testing;
  • Assist in performing compliance checks and reporting on ISMS and IT Policy to related departments;
  • Assist in maintaining appropriate security measures and mechanisms to guard against unauthorized access to critical banking systems and protect against reasonably anticipated threats and hazards;
  • Assist in reviewing security controls on all new solution implementations;
  • Monitor compliance with IT security policies and procedures among employees, contractors, alliances, and other third parties, and refer problems to the appropriate stakeholders;
  • Develop and conduct training on the Information Security awareness program for all staff to bring security to the forefront and make it a recognized entity for users, or establish a foundation of security understanding across the entire bank and to ensure all system users effective
  • Coordinate or act as a liaison between IT department and internal auditor, external auditor, compliance entity and/or NBC effectively;
  • Keep assessments, evidence and other compliance documents in an organized manner and store them securely for further reference;
  • Ensure that IT governance activities, policies and decisions are communicated to IT Management and Business in order to update the IT governance decisions that will affect IT services and projects.


  • Respond to enquiries from staff and provide security advice as required;
  • Work with IT team to formulate IT operational procedures;
  • Prepare monthly security reports and user and role assessment reviews on a periodic basis;
  • Other jobs as assigned.

Capabilities and experience

  • Bachelor's degree in Information Technology, Information Security, Cyber Security, or other related degrees such as Computer Science, Management of Information Systems;
  • At least 1-3 years of working experience in IT Governance, IT Auditing and Assurance, or other IT security-related fields;
  • Holding a security-related certification such as CySA+, ECSA, OSCP, CEH, CISA, or one from an equivalent recognized certification body, is a plus;
  • Knowledge of a wide range of Information Technology and Digital systems and a deep understanding of the inherent security risks associated with these technologies;
  • Knowledge of security regulations and standards including NIST, SANS, PCI DSS, ISO/IEC 27001, CIS;
  • Experience in quality inspection, auditing, and testing;
  • Positive attitude towards learning and development demonstrated by a record of continuing professional development;
  • Self-confident and able to work under pressure;
  • Ability to manage time and priorities appropriately;
  • Good verbal and written communication skills and able to communicate effectively at all levels;
  • Honesty, reliability, and a commitment to strict confidentiality.

How to apply

If you would like to apply for this vacancy, email your cover letter and CV to: