Manager, Information Security and IT Governance

Phnom Penh
Posted 2 years ago

Job Description

J Trust Royal is a joint venture between J Trust, a Japanese diversified financial holding company listed on the Tokyo Stock Exchange, and The Royal Group, one of Cambodia’s largest conglomerates. J Trust Royal Bank commenced operations in Cambodia in August 2019 following the acquisition of a majority shareholding in the bank formerly known as ANZ Royal.

About The Role

Role Location: Phnom Penh

Role Type: Permanent, Full-time

Manager, Information Security and IT Governance is reported to Head of Information Technology and responsible for supporting, monitoring and implementing of effective controls to protect bank systems and customer data in alignment with bank policy and regulatory requirements.

Key accountabilities are:

  • Provide the excellent supports on overall aspects of Information Security, IT Governance, IT Risk, IT Audit and IT Compliance
  • Provide the consultative information security governance, risk, and compliance advisory services for IT systems and services, balancing appropriate security, business goals, and enterprise priorities to achieve collaborative outcomes to challenging business problems/objectives in a secure way
  • Ensure in monitoring and implementing effective process and system controls to protect bank and customer data in alignment with bank policy and regulatory requirements
  • Ensure in supporting increased knowledge and awareness of Information Security & Technology Risk with key stakeholders and staffs
  • Ensure in preparing and managing the budget required by applicable controls for information security and technology risk
  • Develop a strategy for the deployment of information security technologies
  • Manage the proper periodic review for System ID Access, Data Centre, IT Store Room, Standalone PC Controls, Encrypted USB, USB Exemption and QA (Quality Assurance) tests for other IT controls
  • Identify new threat in the market and evaluate the threat with related SMEs (Subject-Matter Expert) included IT Team, Vendors and relevant departments to define the severity and impact, follow up with communication and dashboard to track the remediation progress as required
  • Manage end-to-end for the investigation of information security violations and breaches
  • Provide the strong supports for key IT projects driven by Security, Risk, Audit and Compliance
  • Facing into internal audit and external regulatory engagements to support positive outcomes, and drive execution of associated treatment plans
  • Ensure in reviewing and keeping up-to-date IT Policies, IT Processes and IT Procedures
  • Other relevant tasks assigned by line manager

About You 

To be successful in this role, you will ideally bring the following –

  • Bachelor’s Degree in Computer Science/Information Technology or equivalent
  • Master’s Degree in Business Administration (MBA) will be an added advantage
  • Certified or Completed the formal training in CISSP, CISA, CISM, ITIL, COBIT, PCI DSS, EC-Council (CND/CEH), Cisco Security or Microsoft (MTA/MCSA) will be an added advantage
  • At least 6 to 8 years of IT employment experience (preferred in private sectors: Bank, Insurance, MFI, ISP or IT System Integration)
  • At least 3 to 4 years of management level’s experience in IT Department
  • Passionate in Cyber Security, Quality Assurance, Regulatory & Compliance, and Governance of Enterprise IT
  • Strong understanding of the key aspects of IT which includes Application implementation & support, IT Infrastructure, Vendor & Contract Management, Cyber Security, IT-related regulatory requirements, IT audit, IT governance, IT roadmap & Strategic planning, Risk management and Business continuity planning
  • Strong understanding of Operational risk and Compliance Framework principles and practices
  • In-depth knowledge of current & emerging regulatory requirements impacting Technology & Information Security
  • Experience with some controls of information security such as Security Patch Management, System Vulnerability Identification, Network Security, Identity & Access Management, Security Awareness, Data Loss Prevention, Cryptography, Information Classification, Information Handling, and Information Security Incident Management
  • Experience with IT Auditing by internal auditor, external auditor and NBC
  • Experience with supporting and implementing on Core Banking, ATM Switching, Visa, Master, UPI, SWIFT, Credit Card System, Internet Banking, NBC Clearing House, NBC FAST Payment and NBC CSS (Cambodian Shared Switch) will be preferred
  • Experience in IT Programming, Enterprise Application Development, Database Administration or Project Implementation will be an added advantage
  • Experience in performing security monitoring and response capabilities on cloud platforms (Amazon Web Services, Microsoft Azure or Google Cloud Platform) will be an added advantage
  • Preferred Technical knowledge of mainstream operating systems (Windows/Linux) and wide range of security technologies such as network security appliances and anti-malware solutions
  • Ability to convey security concepts related cybersecurity events to both technical and non-technical audiences
  • Ability to manage and analyse data with Microsoft Excel or Microsoft Access
  • Strong working knowledge of malware in its varying forms, common delivery mechanisms, and common mitigation steps
  • A self-initiated, motivated person, highly flexible, fast learner and a pro-active team player who can work with minimal supervision
  • Ability to multi-task, prioritize, and manage time effectively
  • Quality mindset with prevention attitude to attain zero defects
  • Well-developed analytical skills and the ability to provide clarity to complex issues, and synthesize large amounts of information
  • Ability to articulate and clearly communicate complex problems and solutions in a simple, logical and impactful manner
  • Team management and leadership experience (direct & indirect) 

Our People 

We know that any successful organisation is only as good as its people and so at J Trust Royal we value our people and recognise that they are our greatest strength.

Our people are capable, diligent, hard-working, ambitious and caring. They come from all backgrounds and can understand the perspectives of, relate to, and support our customers and their unique financial needs.

Our aim is to provide opportunities to maximise potential for personal growth and by creating a vibrant, energetic, high-performing and open culture.

We listen to feedback from our people and provide programs and opportunities to ensure they feel a sense of achievement and personal connection to their work and career with us.

We work flexibly at J Trust Royal. Talk to us and let us know how this role can be flexible for you.

To find out more about working at J Trust Royal or to view other opportunities visit

For more information about this opportunity please contact:


Deadline: 3rd February 2020

Job Features

Job CategoryNetwork, System Administration

Apply Online