1. Responsibilities 

• Develop and enhance Information Technology (IT) security-related Policies, to align with standard framework including but not limit to ISMS (ISO/IEC/ 27000 series), PCI, NIST 
• Develop and enhance Manual and Standard Operating Procedure in Information Security Department, and review Manual and Standard Operating Procedure of IT related departments/units to ensure the alignment with the bank standard policies
• Conduct control gap analysis program and recommend risk mitigation and control processes for information security and prevent incidents happened by vet through IT General Controls testing.
• Perform compliance check and report on IT Policy to related department 
• Review on Service Level Agreement (SLA) with vendor or third party by evaluation, compliancewith security measures and renewed accordingly when expired 
• Maintain appropriate security measures and mechanisms to guard against unauthorized accessto critical banking systems and project against reasonably anticipated threats and hazards. 
• Coordinate IT auditing with Internal and External auditors 
• Ensure that all new implementations of solutions are complied with the information securityrequirement and best practices 
• Contribute to the development of information security standards and procedures for businessunits consistent with corporate security objectives and generally accepted and leading edgeInformation Security practices and professional security standards 
• Monitor compliance with IT security policies and procedures among employees, contractors,alliances, and other third parties and referring problems to appropriate related stakeholders
• Develop and conduct training on Information Security awareness program to all staffs to bring security into the forefront and make it a recognized entity for users, or establish foundation of security understanding across the entire bank and to ensure all system users effectiveimplementation and compliance with established IT security policies and procedures 

• Bachelor/Master Degree in Information Technology, Information Security, Cybersecurity, or related field 
• At least 4 – 7years’ experience related to Information Security, IT auditing and Quality Assurance 
• Other certification of Information Security, Quality assurance is preferred 
• Knowledge and experience with security regulations and standards including NIST, SANS, PCI,ISO/IEC, CIS, IT policy development and gap analysis Good Communication and Leadership skills 
• Good at English and Microsoft Office (Words, Excel and PowerPoint) 

• Interested candidates are encouraged to apply via job@sathapana.com.kh 
• For more information, please contact us at 023/ 081 999 010/ 096 257 9666 or go tohttps://www.sathapana.com.kh/careers/job-opportunity/