Senior Manager, Information Security
At Prudential, we understand that success comes from the talent and commitment of our people. Together, we have a shared vision in securing the future of our customers and our communities. We strive to build a business that you can shape, an inclusive workplace where everyone's ideas are valued and a culture where we can thrive together. Our people stay connected and tuned in to what's happening around us, keeping us ahead of the curve. While focused on the long-term, we look to the future to bring growth, development and benefit to everyone whose lives we touch. Job Purpose:
- Provide Regional IT Security, Assurance services to Local Business Units and Regional counterparts in the Asia region.
- The scope covers Application Security focusing on Web Application Firewall initiatives, project management ,deployment and integration in the Regional Technical Assurance Team, IT Security operations processes enhancements, products and technologies evaluation, development of procedures and standards, as well as reporting and metrics.
- Plan, manage, coach and guide Vulnerability & Compliance Management team so as to ensure team is consistently motivated, inspired, focus and on track to deliver high performance consistently.
- Plan, manage and administrate infrastructure security vulnerabilities operation such as servers, endpoint, network devices, and external devices, to identify the vulnerabilities, operate efficiently and timely communication to stakeholders.
- Plan, manage and administrate configuration scanning operation to identify the gaps and to ensure timely communication to BUs.
- Plan, manage and administrate Data Loss Prevention (DLP) operations to identify the gaps and to ensure timely communication to BUs.
- Plan, manage and review the firewall rules to identify the gaps and to ensure timely communication to BUs.
- Develop, review, improve and coordinate the IT Security Configuration Standards on infrastructure related platform on yearly basis to improve the security configuration standards within the company.
- Plan and manage Infrastructure Security Operation new initiative and operation improvement to align with RITS strategies and roadmap and improvement on operational effectiveness.
- Plan, engage and manage key stakeholders (such as LBU, RT) for all Infrastructure Security Assurance related matters to ensure stakeholder concerns are understood, conflicts managed and addressed effectively, relationships are maintained so as to better influence key decisions for better work effectiveness.
- Plan, monitor and manage day-to-day operations of the Infrastructure Security and Metrics Reporting service catalog to meet the SLA which defines on the service catalog.
- Plan, manage, administrate and coordinate incident on infrastructure security scanning tools such as Qualys, Nessus, Websense to ensure the platforms are updated with 99% uptime and have no negative impact to business
- Bachelor degree in Computer Science/Information Systems/Business Information Systems
- Good written and spoken communication in English.
- 5 year of IT Security Operations Management
- 2 Years People Management experience
- Vulnerability Management Products Management experience (ie. Qualys/ Nessus)
- ITIL Certification
Value add if have Information Security Certifications: CISSP, CISA, CRISC