Manager, Information Security (40001092)

Job Purpose

Responsible for building, managing, participating in the development of one of the following areas:
a. Scope of Information Security Development: Evaluate deployment, develop security solutions/Design, test information security/Ensure compliance with security standards (of Vietnam and International)
b. Scope of Information Security Administration: Manage and directly participate in administrative activities on identity and access security/network security/endpoint services and data security
c. Scope of Information Security Planning: Manage and directly control the implementation of information security policies and standards for applications, infrastructure of Techcombank and its partners and suppliers, ensure compliance with the Bank's information security requirements.
d. Scope of Information Security Testing: Manage and directly perform testing attack activities for technology systems to detect vulnerabilities/weaknesses and provide solution guidance.
e. Scope of Information Security Monitoring: Monitor detecting all attack events/incidents as quickly as possible (realtime) based on events aggregated from security systems as well as other technology components.Then alert relevant departments to investigate and react to that event/incident.

Key Accountabilities (1)

PEOPLE MANAGEMENT
- Attract, onboard and retain the right talents for a high- performing team
- Communicate team and individual KRAs/ KPIs, goals, action plan, expectations and results to team members
- Manage team performance & provide feedback regularly (following the annual performance management cycle);
- Enable team member’s professional and personal development through capability assessment, training, coaching & feedback, etc.
- Motivate and recognize team members’ contributions towards the team’s shared goals
- Responsible for developing talents within the team
- Act as a role model and promote corporate culture at sub- function level
- Understand & communicate relevant HR offerings to team members.

* Develop and propose action plans related to security development activities:
- Develop and propose annual action plans of the unit
- Participate in building/advising on the overall strategy of the unit
* Responsible for guiding, assigning, insisting, checking and supervising the work of all levels of direct reports in the unit. Directly participate in and report on the development, implementation, and compliance of information security in the areas of expertise assigned, including:
- Research, evaluate and implement information security measures and solutions to ensure security and safety for the entire information system of the bank.
- Participate in projects to ensure security for systems to be built, including stages: requirements developing, security designing, risk modeling, information security testing (code sourcing review and testing), implementing security controls.
- Analyze and evaluate technology solutions before deploying to ensure technology changes or selected solutions are safe in terms of security.
- Update, analyze vulnerabilities/weaknesses and assess effects on Techcombank in order to offer appropriate protection measures.
- Building and implementing information security rules and configurations for security solutions
- Implement and maintain compliance of Techcombank systems with international and Vietnamese standards (PCIDSS, Swift CSP, ISO 27001, SBV, ...)
- Develope and implement standards, processes and guidelines for the development of general information security for banks. Develop standards for information technology security for systems. Evaluate and guide to comply with these standards.
- Coordinate with the security monitoring và responding department to analyze, and response to attacks that affect the bank's operations. Apply security measures and solutions to effectively and thoroughly eliminate/prevent threats.

Key Accountabilities (2)

* Develop and propose action plans related to security development activities:
- Develop and propose annual action plans of the unit
- Participate in building/advising on the overall strategy of the unit
* Responsible for guiding, assigning, insisting, checking and supervising the work of all levels of direct reports in the unit. Directly participate in and report on the development, implementation, and compliance of information security in the areas of expertise assigned, including:
- Develop/adjust and implement MTPQ of security solutions for networks, endpoint services and data, identity and access
- Develop requirements and measures to:
+ Control access, network connection level;
+ Manage access and use of data on data warehouses and endpoint services in the bank
+ Manage identity and access for all bank's systems
- Develop, maintain, and optimize security policies/rules/configurations for information security solutions:
+ Network (Firewall, NAC, APT, NetIPS, DDOS...).
+ Manage access identifiers (PAM, IAM ...)
+ Data (DLP, FAM...)
+ Endpoint services (AD GPO, HIPS/HFW, Appcontrol, Web/mail filtering, DB security...)
- Assess, evaluate, review:
+ Implementation of assigning permissions on systems ensures compliance with the permission matrix.
+ Implementation of allocating and withdrawing privileged accounts on the systems.
+ Exception requirements for accessing and using technology systems
+ Changes requirements on security solutions

Key Accountabilities (3)

- Search and evaluate security solutions to deploy at the right time, serving risk management and ensuring compliance with Techcombank's regulations and policies.
- Manage security technologies for information security mission, improve the way current technologies are exploited to protect sensitive banking information as well as other support systems.
- Develop a security system with flexible components, which can include internal components, partner services to protect the bank from attacks from both inside and outside.
- Design and implement training, communication and awareness raising programs on technology compliance risks for the whole bank (deploying information security courses, testing information security awareness) , communication through information security bulletins, direct communication to units).
- Assess and search for security solutions to deploy to overcome weaknesses, handle security risks and ensure compliance with TCB's regulations and policies.
- Prepare information security management reports.
'o Develop requirements for log integration across systems for centralized monitoring and storage systems.
o Manage, build and optimize monitoring and analysis components on a centralized monitoring and storage system.
o Implement log integration from systems to SIEM centralized monitoring and storage system
o Develop guidelines and procedures for information security monitoring.
o Detect all attacks and security violations on the system
o Researching new attack techniques, thereby providing methods to perform attack monitoring on the system.
o The focal point to receive all warning information and feedback on security incidents
o Participating in security incident response
o Investigate and handle security incidents as assigned
o Perform analysis, investigation, and determination of the root cause of the incident.
o Update the attack signs, the identification signs for the monitoring group, to perform real-time monitoring of the whole system.
o Automating incident response steps based on TCB's security incident management system.
o Perform writing instructions, procedures, develop scenarios for common incident response cases.
o The focal point to provide general reports on security incidents periodically or upon request from the director of security monitoring and response.
o The focal point to develop and organize drills to respond to security incidents
o Build and maintain the security incident management system
o Update network security news in the world about threats that can affect the system, send information to teams in the department.

Key Relationships - Direct Manager

IS Manager in line of Information Security

Key Relationships - Direct Reports

- Chuyên viên cao cấp an ninh thông tin
- Chuyên viên an ninh thông tin
- Trưởng nhóm An ninh thông tin

Key Relationships - Internal Stakeholders

Other related departments in the division

Key Relationships - External Stakeholders

Information security solutions/services companies, quick incident response organizations…etc.

Success Profile - Qualification and Experiences

Qualifications:
- Graduated with major in IT, Computer Science or Electronics and Telecommunications
- Have CEH certificate or equivalent certificates
Experience:
a. Scope of activities Security development
- Experience: Analyze, design, test security
- Experience in evaluating, deploying, configuring security solutions: Network security, Endpoint security, Database security
- Experience in implementing information security compliance: PCI DSS, ISO, Swift CSP
- Experience in implementing safe product development process according to Water fall, Agile model
b. Security Administration activities
Experienced in managing information security management in financial / service / telecommunications organizations:
- Management role in information security management activities (02 years or more)
- Having experience in implementing, managing and operating in-depth information security policies, rules, configuration of security solutions (06 years or more):
+ Network (Firewall, NAC, APT, NetIPS, DDOS...).
+ Manage access identifiers (PAM, IAM ...)
+ Data (DLP, FAM...)
+ Terminals (AD GPO, HIPS/HFW, Appcontrol, Web/mail filtering, DB security...)
- Having experience in building, implementing and managing decentralized model under MTPQ (03 years or more)
Having ISC2 SSCP security certifications is an advantage
There are certificates of companies providing security solutions such as Microsoft/Cisco/PaloAlto/Checkpoint/Cyberark/Sailpoint…
c. Scope of activities Safety Planning
- Experience in managing information security management in financial/service/telecommunications organizations from 6 years. The experience includes the following aspects:
- Management role in the field of information security planning (03 years or more)
- Experience in planning information security/information technology strategy (from 03 years or more)
- Experience in research, design and implementation in the field of information security (03 years or more)
d. Security monitoring activities
6-7 years of experience in managing an information security review team in financial/service/telecommunication organizations. Experience includes aspects:
- Team management role in the field of security incident response review (3 years or more)
- Experience in research, design and implementation in the field of information security (3 years or more)
Foreign Language
- Compulsory English level according to TCB's Regulations
Other requirements
- Experience in Agile Product Development