The incumbent will work with Senior Manager, IT Services in managing IT Security and Cyber Security. Manage all facets of first level support, including line managing first level staff and assets. Ensuring change control and information security procedures are followed across Rakuten Trade.

This role is also required to prepare and monitor Cyber Security policies, framework, budget and costing, strategic planning and audit matters, in consultation with the Senior Manager, IT Services.

Duties & Responsibilites

• Specialize in IT System/Infrastructure Security; implement and monitor security measures for the protection of computer systems, networks, and information to ensure that all IT related security components are implemented in accordance with the compliance against Information Security Policy and Management Standards, Statutory Legal and Regulatory requirements.
• Oversee all day-to-day IT security incidents/administration/health check current servers and network infrastructure security control. Identify IT risks, threats, and vulnerabilities in the company’s technology infrastructure. Analyze and report computer network/servers/application security breaches or attempted breaches. Investigate security incidents, updates, and documents security control, perform risk assessments, take appropriate action to minimize harm and make recommendations to corrective action. Maintain incident documentation, participate in post-mortems, and write incident reports.
• Establish and maintains IT security related policies, procedures, and guidelines. Periodically review the security related guideline and control to ensure the efficiency and effectiveness of the information security controls and recommend improvements wherever is necessary. Develop comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
• Coordinate internal audit team, external audit team and IT team to provide the information as audit request and update the status of audit next step to IT management.
• Drive continuous process improvement to all security functions utilizing KPIs and metrics.
• Advise on security operation controls to systems or applications when it comes to implementing new technology.
• Perform vulnerability and penetration management program, reporting with risk prioritize, remediation and recommending appropriate solutions.
• Responsible to manage and report to Management on cyber security issue, statistical fault report and status on weekly and monthly basis.
• Participate in DR and BCP simulation including infrastructure, security readiness and checklist.
• Involve and provide feedback on cyber security activity, audit and briefing to regulator and staff.