Information Risk and Data Privacy Manager

Information Risk and Data Privacy Manager

Prudential Assurance
4-6 years
Not Specified

Job Description



At Prudential, we understand that success comes from the talent and commitment of our people. Together, we have a shared vision in securing the future of our customers and our communities. We strive to build a business that can shape, an inclusive workplace where ideas are valued and a culture where can thrive together. Our people stay connected and tuned in to what's happening around us, keeping us ahead of the curve. While focused on the long-term, we look to the future to bring growth, development and benefit to everyone whose lives we touch.To help management make risk-aware decisions.
H tr ban lnh o cng ty a ra quyt nh da trn cc nh gi ri ro ph hp.
. To protect confidential, sensitive information, data privacy of business/customers/staff/agents.
Bo v thng tin tuyt mt, thng tin nhy cm, quyn ring t ca cng ty/ khch hng/nhn vin/i l.
Job Responsibilities
1.1 Information Risk Management/
  • Information Risk Awareness programs/
  • Conduct the training information risk security policy for staff.
  • Run information security awareness: IRM Quiz, IRM Roadshows, PruRadio.
  • Translate the awareness materials/security tips from PCA and communicate to all staff.
  • Review the following in operational effectiveness to mitigate risks to information
  • Access matrices,
  • Privileged user IDs activities,

Cc hot ng s dng ca ti khon c quyn h thng,
  • System/devices (e.g. workstations/laptops/servers) settings & logs relating to data protection,
  • Third party contract in term of data protection,
  • Revoking the special access rights of staff about leaving company,
  • Reviewing the special access rights of staff with Head of Department,
  • Reviewing/assessing sensitive information registers and processes,
  • Managing sensitive information registration (including transfers).
  • Reviewing & processing the DLP alert report from the system.
  • Performing Clear Desk check and report about the sensitive information protection in the staff's working area.
  • Liaise with relevant team(s) to ensure local regulatory and legal requirements that affect PVA information are met.
  • Coordinate and submit regular reporting to PCA Information Risk:
  • UDA inventory report,
  • Sensitive Information transfer register, and
  • Information risk incident reporting.
  • Review and approve for special access or exceptions requests from staff.
  • Coordinate and report half year Turnbull and end year Governance exemptions related to information and cyber risk.
  • Coordinate and complete the information risk policy - compliance self-assessment requirements from PCA.
  • Support and consult operational functions as required to manage risks to information appropriately.
  • Support to ensure projects take account of risks to information.
  • Perform Vendor Information Risk Assessment such as technical solution, data storage, data flow diagrams to identify potential risk and propose the risk mitigation controls.
  • Consult and guidance on information risk issues.
  • Attend PCA Information Risk and Privacy annual training conference.
  • Support the implementation of PCA IRM projects to Vietnam.

Data Privacy /
  • Analyze the types of breaches of any Privacy Law or Regulation within company.
  • Provide advice on projects and data sharing.
  • Ensure that the Privacy aspects are properly covered in the governance documents of all systems processing personal data.
  • Monitor the implementation of Privacy standards, policies and procedures within company.
  • Works with relevant team to ensure the company has and maintains appropriate privacy and confidentiality consent.
  • Provide Privacy advice support and regular training for staff.
  • Participates in the development and implementation of all company's agreements to ensure that all privacy concerns, requirements and responsibilities are addressed.
  • Initiates activities to foster privacy awareness within company.

Job Requirements / Yu cu
Qualifications
  • Bachelor's degree in information technology or related field
  • Good awareness of Enterprise Risk Management.

Experience
Mandatory:
  • 4 - 6 years of experience in software development or network administrations.
  • 3-5 years of experience in information risk/audit/compliance.

Advantage:
  • Degree qualified, with a relevant professional qualification such as CISSP, CISM, CEH.

Knowledge and skill / Kin thc v k nng
  • Good written and verbal communication (both English and Vietnamese), interpersonal skills, presentation skills and strong project management experience.
  • Ability to analyze, communicate and governance.
  • Ability to be flexible and work effectively.
  • Customer services and positive mind-set.
  • High sense of responsibility, integrity, and confidentiality.

Competencies / Nng lc lnh o
  • Sees things from the business perspective and proactively makes suggestions.
  • Build the good relationships with business departments
  • Provides guidance/advice to help business users resolve problems.

Cung cp hng dn/t vn gip cc phng ban gii quyt cc vn lin n ri ro thng tin.
  • Build the good relationships within the team, across the region and with stakeholders outside the business

Job Details

Employment Types:

Industry:

Function:

IT

Prudentialplc provides life and health insurance and asset management, with a focus on Asia and Africa. We help people get the most out of life, by making healthcare affordable and accessible and by promoting financial inclusion. We protect people's wealth, help them grow their assets, and empower them to save for their goals. The business has more than 18 million life customers in Asia and Africa.Prudential has been providing trusted financial security for 95 years and is listed on stock exchanges in London, Hong Kong, Singapore, and New York. We are proud to be included in the 2022 Bloomberg Gender Equality Index. The index measures gender equality across five pillars: female leadership and talent pipeline, equal pay and gender pay parity, inclusive culture, sexual harassment policies, and pro-women brand. Our inclusion in this global index is testament to our commitment to nurturing diverse talent. #BloombergGEI . Prudential plc is not affiliated in any manner with Prudential Financial, Inc., a company whose principal place of business is in the United States of America or with the Prudential Assurance Company, a subsidiary of M&G plc, a company incorporated in the United Kingdom.

Similar Jobs

Career Advice to Find Better