Job Description

Description: This role will be responsible for ensuring internal systems and processes are compliant with information security standards providing consultation and awareness of information security requirements monitoring, managing and closing information security compliance issues. The responsibilities include identification, evaluation and interpretation of standards, regulatory, statutory and member security requirements, control deficiencies and information security risks. Duties and responsibilities: Review and revise policies in Capital A and its subsidiaries where information security is concerned. Map Capital A requirements and standards/regulatory requirements across the company\'s information security framework to identify overlapping requirements and compliance efficiencies. Track enterprise compliance across multiple security frameworks and maintain up-to-date records of requirements and corresponding mitigating controls. Participate and facilitate audit and assessment activities to ensure compliance with information security requirements. Assist in identifying and analysing internal and external information security requirements in order to provide relevant and suitable standard or best practice and solutions to fulfill requirements. Assist in analysing management and technical controls to ensure specific security and compliance requirements are met through verification of documented processes, procedures and standards in order to validate maintenance of secure configurations. Collaborate on IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle. Monitor and facilitate entitlements review process to ensure compliance.. Support development and reviews of security policies, processes and procedures and support service-level agreements to ensure that security controls are managed and maintained. Participate in the development of information security awareness training in conjunction with other members of the GRC. Requirements: Bachelor\'s Degree in Information Technology, or Business with IT, Computer Science, or equivalent Minimum 1 years experience in Information Security/IT Compliance or related fields Minimum 1 years experience in participating/conducting IT/Information Security audits or assessments Relevant industry certification is an advantage (ISO 27001, CISA, CISSP, CGEIT, etc) Working knowledge in common IT/information security related regulations or standards, especially ISO 27001 and PCI-DSS Strong communication (spoken and written), interpersonal, and conflict resolution skills. Ability to establish and maintain rapport with stakeholders is highly desired. Strong analytical and critical thinking skills Result oriented, high level of attention to detail, self-starter and motivator, ability to multitask and adjust to shifting priorities. We are all different - one talent to another - that is how we rely on our differences. At AirAsia, you will be treated fairly and given all chances to be your best.We are committed to creating a diverse work environment and are proud to be an equal opportunity employer. Search Firm Representatives - AirAsia does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place.

foundit