Job Seeker Reactivate Your Account
Thank you, this account has been Deactivated.
Do you want to Reactivate your account?
Sorry, unable to apply, please Upload CV Attachment, or update your JobNet Profile to at least 55% of completion.

IT Security Officer

Myanmar Credit Bureau Ltd
Recruiter active 1 week ago The recruiter at this company was last active reviewing applications.
Myanmar - Yangon
Full Time
Verified This job has been verified by the company as a real job vacancy.
13 Jan 2021

Experience level

Experienced Non-Manager

Job Function

IT Hardware, Software

Min Education Level

Bachelor Degree

Job Description

The IT Security Officer will oversee information related functions such as IT Governance, Risk and Compliance. Collaborating with various teams, he/she will help define and implement standards based security best practices and policies. He/she will manage a close relationship with IT and other business units in order to balance security needs with operational and business requirements. He/she will oversee the management and mitigation of identified risks and keep the risk register up-to-date.




•    Oversee the company’s Information Security Program
•    Work with IT Director to define information security-related objectives that will enable the company to meet its legal, contractual and business related requirements for data confidentiality, integrity and availability through the effective use of technology controls, procedural controls and information security awareness and educational objectives
•    Ensure that the company security related objectives are being met
•    Continually assess the overall effectiveness of the information security program
•    Coordinate the development and maintenance of the company’s Information Security Policy and ensure that it coordinates with other Information Technology Policies
•    Work with IT Director to define and maintain the company’s Information Security Policy regarding information classification, the proper handling of the company’s information at all sensitivity levels, the rules for the issuance of computer accounts and the assignment of privileges, the definition of acceptable proof of identity for accessing information resources, who authorizes access to information, how authorization decisions are documented and enforced, and the process of responding to information security related incidents
•    Coordinate the development, maintenance and documentation of technology standards and procedures
•    Work with IT Team to confirm that technology related standards and procedures effectively implement the company’s IT security related policies in a cost effective practical manner
•    Review third party products and services to ensure that they do not increase the risk of the company’s information being compromised
•    Manage IT security incidents
•    Promote security awareness and education
•    Convey security related policies and procedures to company’s clients and vendors utilizing a variety communication vehicles (web content, presentations, articles, email)
•    Develop and manage the company’s information security awareness program for company’s employees
•    Manage information security related projects as needed
•    Coordinate the company’s response to information security related audit findings and request made by Authorities
•    Perform operational functions where necessary for segregation of duties
•    Regularly review system activity logs to proactively uncover potential threats to company data and systems, and to ensure that operational and administrative controls are functioning appropriately
•    Review and authorize access requests beyond standard user access (highly privileged system access, access by vendors)
•    Serve as a Process Manager, coordinating the company’s investigation of and response to the possible exposure of sensitive company information
•    Research, recommend, install, configure, operate, maintain and monitor security related products that satisfy the company’s information security
•    Advise IT Director in the development of standards and procedures for: servers and workstations, handheld devices, network equipment, databases, applications
•    Research, recommend, install, configure, maintain and operate software products that can detect: improperly configured servers and workstations, application program code weakness
•    Perform technical investigations of suspected system compromises
•    Educate IT support staff in security best practices for configuring, administering, operating and monitoring technology.


Open To


Job Requirements

•    Minimum S1 Information Technology from reputable university
•    Working experience in the field of banking or financial institution (Information Security) of at least 5 years
•    Security Certifications are advantage (CISA, CISM, CRISC, ECSA, CCNA, CCNP, CCIE, CHFI, CISSP, CEH, MCSE) or other certification in networking and security area
•    Able to have IT security infrastructure managerial skills (design, implement, maintain, configure and review)
•    Knowledge in IT Security Management System (ISMS), ISO27001, AS400 and wide range of security products
•    Able to conduct IT vulnerability assessment and security penetration testing (Pentest)
•    Knowledge in firewalls, intrusion detection and prevention (IPS/IDS), anti malware, security information and event management, vulnerability analysis, account provisioning/deprovisioning, directory management, active directory, cryptography, group policy, enhanced authentication, privilege management through the assignment of security groups and application of Access Control Lists, Forensic tools, Log Events, and any other IT security
•    Good presentation and communication skills
•    Have high motivation, dedication and integrity
•    Fluent in spoken and written English

What We Can Offer


Rewards over performance


- An awesome company
- Join a winning team
- You can make a difference

Career Opportunities

- Opportunities for promotion
- Possibility for job training
- Learn new skills and techniques

About Our Company

Myanmar Credit Bureau (MMCB) is the first and only credit bureau in Myanmar. Central Bank of Myanmar (CBM) granted the credit bureau license to MMCB on 17th May 2018.
MMCB is a joint venture private company between MB Investment Limited and NSP Asia Investment Holding Pte Ltd from Singapore. MB Investment Limited is formed by the member banks of Myanmar Banks Association (MBA) and registered at Directorate of Investment and Company Administration (DICA) of Myanmar.
NSP Asia Investment Holding Pte Ltd is established and registered with the Accounting and Corporate Regulatory Authority (ACRA) of Singapore. NSP Asia Investment Pte Ltd is a wholly owned subsidiary of Credit Bureau Asia Limited (CBA).
CBA has a successful history of setting up and operating consumer and commercial credit bureaus in Singapore, Malaysia and Cambodia. As with other countries in the region, the establishment of MMCB is a significant milestone for Myanmar.
With the soft launch of MMCB on 5th November 2020, the credit bureau platform was completed and services are made available to its members. There is progressively more and more members who have completed their data upload to MMCB. Members who have obtained the requisite user access are also beginning to obtain credit reports of their customers via the bureau platform.