Requirements To ensure confidentiality, integrity and availability of information assets in the company are protected. To report promptly any breach of law, regulation, the company's code of conduct or other company policies and guidelines. To administer and enforce IT Security Policies, Procedures, Standards and Processes to all IT systems and networks. Responsible for on-going risk assessment for IT Infrastructure, System & Process. Compliance with regulatory standards, practices and guidelines (e.g. ISO27001, PCIDSS, BNM RMiT). To ensure proper IT system provisioning to live environment. Consult on effectiveness of corrective actions pertaining to closure of audit findings. Responsible for incident and problem analysis to ensure countermeasure is implemented to prevent reoccurrence. Conduct security awareness training to promote awareness in the organization. Support IT audit tasks (Internal Audit and External Audit). To promote environmental preservation awareness and to participate in Aeon environmental activities. To report promptly any breach of law, regulation, the company's code of conduct or other company policies and guidelines. To ensure adequacy of licenses based on company growth. To review IT assets: NDA, software licenses and service maintenance agreement with proper tracking. Involve in the development and implementation of security program to raise the level of IT security awareness within ITG department. Responsibility Degree in Computer Science, Information Technology, Information System or any related fields. Familiar with standards and requirements such as ISO27001 and that of financial authorities (e.g. ISMS, PCIDSS, RMiT & etc.) will be an added advantage. Preferable 1 to 3 years of IT risk or compliance exposure in service provider, vendor or financial institution. Good communication skills, both verbal and written. Excellent data collection and analysis skills. Strong attention to detail. Good report writing for progress update or incident reporting.