Information Risk and Data Privacy Manager

Prudential Assurance
4-6 years
Not Specified

Job Description

At Prudential, we understand that success comes from the talent and commitment of our people. Together, we have a shared vision in securing the future of our customers and our communities. We strive to build a business that can shape, an inclusive workplace where ideas are valued and a culture where we can thrive together. Our people stay connected and tuned in to what's happening around us, keeping us ahead of the curve. While focused on the long-term, we look to the future to bring growth, development and benefit to everyone whose lives we touch.

To help management make 'risk-aware' decisions.
Support the company's management in making decisions based on appropriate risk assessments.
To protect confidential, sensitive information, data privacy of business/customers/staff/agents.
Protect strictly confidential information, sensitive information, and the privacy of the company/customers/staff/agents.
Job Responsibilities
1.1 Information Risk Management
  • Information Risk Awareness programs
  • Conduct training on the information risk security policy for staff.
  • Run information security awareness: IRM Quiz, IRM Roadshows, PruRadio.
  • Translate the awareness materials/security tips from PCA and communicate to all staff.
  • Review the following for operational effectiveness to mitigate risks to information:
  • Access matrices,
  • Privileged user ID activities,
  • Usage activities of privileged system accounts,
  • System/devices (e.g. workstations/laptops/servers) settings & logs relating to data protection,
  • Third-party contracts in terms of data protection,
  • Revoking the special access rights of staff about to leave the company,
  • Reviewing the special access rights of staff with Head of Department,
  • Reviewing/assessing sensitive information registers and processes,
  • Managing sensitive information registration (including transfers).
  • Reviewing & processing the DLP alert report from the system.
  • Performing Clear Desk check and report about the sensitive information protection in the staff's working area.
  • Liaise with relevant team(s) to ensure local regulatory and legal requirements that affect PVA information are met.
  • Coordinate and submit regular reporting to PCA Information Risk:
  • UDA inventory report,
  • Sensitive Information transfer register, and
  • Information risk incident reporting.
  • Review and approve special access or exception requests from staff.
  • Coordinate and report half-year Turnbull and year-end Governance exemptions related to information and cyber risk.
  • Coordinate and complete the information risk policy - compliance self-assessment requirements from PCA.
  • Support and consult operational functions as required to manage risks to information appropriately.
  • Support to ensure projects take account of risks to information.
  • Perform Vendor Information Risk Assessment (such as technical solution, data storage, data flow diagrams …) to identify potential risks and propose risk mitigation controls.
  • Provide consultation and guidance on information risk issues.
  • Attend PCA Information Risk and Privacy annual training conference.
  • Support the implementation of PCA IRM projects to Vietnam.

Data Privacy
  • Analyze the types of breaches of any Privacy Law or Regulation within the company.
  • Provide advice on projects and data sharing.
  • Ensure that the Privacy aspects are properly covered in the governance documents of all systems processing personal data.
  • Monitor the implementation of Privacy standards, policies and procedures within the company.
  • Work with the relevant team to ensure the company has and maintains appropriate privacy and confidentiality consent.
  • Provide Privacy advice, support and regular training for staff.
  • Participate in the development and implementation of all of the company's agreements to ensure that all privacy concerns, requirements and responsibilities are addressed.
  • Initiate activities to foster privacy awareness within the company.

Job Requirements
  • Bachelor's degree in information technology or related field
  • Good awareness of Enterprise Risk Management.

  • 4 - 6 years of experience in software development or network administration.
  • 3-5 years of experience in information risk/audit/compliance.

  • Degree qualified, with a relevant professional qualification such as CISSP, CISM, CEH.

Knowledge and skills
  • Good written and verbal communication (both English and Vietnamese), interpersonal skills, presentation skills and strong project management experience.
  • Ability to analyze, communicate and govern.
  • Ability to be flexible and work effectively.
  • Customer services and positive mind-set.
  • High sense of responsibility, integrity, and confidentiality.

Competencies / Leadership competencies
  • Sees things from the business perspective and proactively makes suggestions.
  • Builds good relationships with business departments.
  • Provides guidance/advice to help business users resolve problems.
  • Provides guidance/advice to help departments resolve issues related to information risk.
  • Builds good relationships within the team, across the region and with stakeholders outside the business.

Prudential plc is an Asia-led portfolio of businesses focused on structural growth markets. The business helps individuals to de-risk their lives and deal with their biggest financial concerns through life and health insurance, and retirement and asset management solutions. Prudential plc has 20 million customers and is listed on stock exchanges in London, Hong Kong, Singapore and New York. We are proud to be one of the 380 companies across 11 sectors included in the 2021 Bloomberg Gender Equality Index. The reference index measures gender equality across five pillars: female leadership and talent pipeline, equal pay and gender pay parity, inclusive culture, sexual harassment policies, and pro-women brand. Our inclusion in this global index is testament to our commitment to nurturing diverse talent. #BloombergGEI. Prudential plc is not affiliated in any manner with Prudential Financial, Inc., a company whose principal place of business is in the United States of America or with the Prudential Assurance Company, a subsidiary of M&G plc, a company incorporated in the United Kingdom.
