Prudential's purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people's career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.
This role is to drive using cloud service with compliant to support transforming way, the incumbent also build solution to prevent any information risk for PVA from cloud cybersecurity threat.
Vai trò ny thúc đẩy sử dụng dịch vụ điện toán đám mây để hỗ trợ phương thức lm việc mới, vai trò ny cũng bao gồm xây dựng giải pháp để ngăn ngừa rủi ro an ton thông tin cho PVA từ các mối đe dọa trên không gian mạng
Job Responsibilities:
Scope 1: Bảo mật cơ sở hạ tầng
- Measure and enhance current security controls to comply with regulatory requirements.
- Provide reporting and metrics on the state of security ongoing and associated IT security risks.
- Continuously monitor Security operation and vendor's service for all solution in place. (WAF, DLP, AV, NG, PIM…).
- Support IT patch management with special focus around IT security related patches.
- Review security configurations of the systems against regional baseline and identifying gaps between them to fix.
- Controlling Privileged IDs and the release for usage.
- Take part in the implementation of security programs within the local business.
Scope 2: Cyber security Automation
- Automate security controls, data and processes to provide better metrics and operational support
- Reduce time-to-detect and time-to-remediate by driving the automation of applied IT security initiatives from Regional
- Develop innovative solutions to protect networks, assets and products by implementing state-the-art detection, prevention, and response capabilities
Scope 3: Cloud Security
- Support the delivery of PVA's cloud security offering, including security governance, strategy, risk assessments and management, data protection, cloud-based identity and access management, technology/provider-specific architecture and monitoring/analytics both for and in the cloud.
- Evaluated business and technical requirements to identify and implement state-of-the-art security controls and drive continuous improvement in cloud security operations.
Đánh giá các yêu cầu kỹ thuật v mảng kinh doanh để nhận dạng v triển khai các biện pháp kiểm soát an ninh v liên tục cải tiến hoạt động bảo mật trong môi trường điện toán đám mây.
Job Requirements:
- University degree in Information Security or Computer Science with significant demonstrable experience in Information Security
Bằng đại học về an tòa thông tin hoặc khoa học máy tính với kinh nghiệm rõ rng về bảo mật thông tin
- Certification such as CCSP, CCSK, SSCP are desirable but not required.
- A minimum of 5 years relevant experience in Information Security (Technical) with 2 years experience in Cloud Security implantation and operation.
- Broad knowledge of security domains, trends, and technologies (such as threat and vulnerability management, network security, endpoint security, web application security, data loss prevention, encryption, security hardening).
- Technical understanding of various platforms (e.g. Windows, Unix, network, database)
- Be familiar with cloud security frameworks, compliance requirements and security operations.
- Ability to map security controls to compliance requirements for cloud environments.
- Familiarity with Cloud based security technology (Cloud based WAF, DDoS Protection).
- Ability to quickly ramp up on new cloud security technologies.
- Familiarity with industry standards such as PCI DSS, NIST SP-800 Series, CIS 20, CSA CCM.
- Knowledge of risk management principles
- Strong interpersonal and communication skills
- Strong project management experience
- Strong analytical and problem-solving skills
Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.
