• Managing IT security projects & information security incidents
• Monitoring and administration of IT security solutions
• Training of Information Security Awareness
• Assist related team for implementing IT security controls
• Enforcing and maintaining the organization’s Information Security Policies & Standards
• Gap analyzing and reviewing of security controls implementation for mandatory compliance standards such as PCI DSS, Swift Mandatory Security Controls, and Western Union Security Requirements
• Review and advice improvements to security technical setups and configuration to ensure compliance with organization policy/standards and regulatory requirements
• Regularly review the effectiveness of security controls such as firewalls, intrusion prevention system, VPN, Endpoint protection system, and vulnerability management system, etc.
• Conducting information security awareness sessions annually and to new employees and as necessary
• Conducting internal vulnerability scanning activities as per PCI DSS compliance and scanning policies
• Act as Security officer for HSM key ceremonies to comply with PCI PIN standard
• Evaluation of vendors for new security products / solutions based on organization’s evaluation criteria.
• Conducting security assessment for new technical systems before going live to production and critical systems frequently
• Identify, assess, provide response plans for technology/information risks
• Track, monitor and timely respond to security threats and incidents according to predefined policy and procedures

• Any Graduate (or) other relevant academic backgrounds (MBA degree holder is preferable!)
• Age between 28 and 35 years old
• Minimum 3 years solid experience in financial or telecommunication industries and Information Security professional certifications (is a plus)
• Good experience or strong knowledge in Information Technology Risk Management, Threat & Vulnerability Management, Employee Security Awareness Program, Security Monitoring & Incident Management, Physical Security, System/Application/Network Security, Security Operations
• Good interpersonal skill, stakeholder management skill, strong problem solving and analytical skill, decision making skill
• Strong understanding of security standards such as PCI DSS, ISO 27000 Series, etc. Technical clarity and understanding of Firewall, VPN, Multifactor Authentication, IPS/IDS, Endpoint Security, Log and Event Management (SIEM), etc
• Computer literate and proficient in English (Written and Verbal)
• Myanmar Nationality only