Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact on the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.
Job Responsibilities :
As a team member of the information security and business continuity risk team, you will be supporting PCALT to :
- Support assurance and oversight on the effectiveness of controls and procedures within PCALT to ensure compliance with internal control systems, regulatory, global, and local specific policy requirements, and the standards and management processes related to information security risk, privacy risk, and business continuity management.
- Support and execute various global or internal project activities (including technical and managerial aspects).
- Perform maintenance and operation tasks for Information Security Management System (ISMS), Personal Information Management System (PIMS), Business Continuity Management System (BCMS), or other international management systems.
- Assist with internal and external audits, internal control / legal compliance audits, and follow-up on deficiency handling.
- Monitor various information security reports and implementation status, and assist in tracking and responding to vulnerabilities, intelligence, and alerts.
- Conduct assessments and reviews of information technology risks.
- Perform security compliance reviews, technical architecture confirmations or recommendations, and risk assessments for business processes or projects.
- Assist with company level business continuity related activities, such as office drills, IT DR drills, BIA, etc.
- Assist with training and awareness programs for risk culture and related topics.
- Assist with financial and budget management, as well as various departmental affairs.
- Second line role within risk function.
- Individual contributor without management responsibilities.
Experience and Qualification :
- Over 5 years of practical experience in information security, IT governance / risk, privacy risk, Business Continuity Management (company level), IT or related fields. Experience in the financial industry is preferred.
- Understanding of financial and insurance industry regulations and supervisory systems, with good internal control and compliance concepts and practices.
- Good understanding of or interest in IT application systems / cloud technologies / infrastructure and the related technical security controls and architectures needed to mitigate the risks.
- Above intermediate English listening, speaking, reading, and writing ability, and good Chinese writing and reading skills (English CV is required in addition to Chinese CV).
Desired personal qualities and soft skills include :
- Ability to work in a team.
- Communication and coordination skills.
- Project planning & management.
- Analytical mindset.
- Prudent and attentive to work deliverables, prioritizing according to needs.
- Capable of multitasking.
- Willingness to accept a hybrid working model (office and remote), with experience in remote team collaboration being a plus.
Desirable traits which will be an added advantage :
- Known as an SME in own functional area and often sought out for advice / consultation.
- Programming background.
- Practical business continuity management experience in insurance or financial industry.
- Possession of information security, IT-related, or BCMS related certifications.
- Familiarity with advanced Microsoft applications (e.g., PowerBI / SharePoint integration) and data analysis skills.
Examples of certifications :
- IT Governance / IT Service Management : ITIL related, ISO 20000 L.A., CGEIT
- Software and Application Development : DevOps Engineer Professional, Google DevOps Engineer, Microsoft related certifications
- IT Architecture / Cloud / Network : Microsoft Certified Azure Solution Architecture Expert, (ISC)2 CCSK, CompTIA Cloud Essentials
- IT Risk Management : CRISC
- IT Audit : CISA
- Project management : PMP
- BCMS : ISO 22301 L.A.
- IT / Information Security : CISSP, CISM, CompTIA Security