• Develop, maintain, enhance and troubleshoot existing applications
• Contribute in all phases of the development lifecycle
• Build reusable code and libraries
• Write well-designed, testable, efficient code

• Review all activity security alert and analyst on endpoint detection and response tool.
• Review, analyst, and to fix vulnerabilities on security assessment to make sure that systems running smoothly.
• To monitor; review, and to recommend security on IT Infrastructure (Firewall, network, servers, application, computers, network devices: Hardware, software, Operating Systems, virtualization, LAN/WAN, ...) or Security information and event management system
• To monitor log files, access to database, intrusion prevention and intrusion detection system and other network activity.
• To monitor, review, implement, and to analyst all security systems to make our systems have compliance security by preventive error happen.
• Check and monitoring all system configurations comply with IT Security standards
• Assist in planning, coordination, and implementation of IT security projects
• Provide security advice and technical subject matter expertise to stakeholders.
• Plan and conduct IT induction or IT security awareness training
• Self-improved knowledge about IT Security and researching for seminars/courses for related skill.
• Perform other task assigned by supervisor/line manager / Head of department.

• Develop and distribute mobile apps for iOS platform
• Ensure the performance, quality, and responsiveness of applications
• Work on bug fixing and improving application performance
• Collaborate with cross-functional teams to define, design, and ship new features
• Translate business requirements into specifications that will be used to implement the required application
• Write clean and maintainable codes according to best practices
• Deliver across the entire app life cycle concept, design, build, deploy, test, release to app stores and support
• Working with the designer to build the interface with focus on usability features
• Standardizing the platform and in some cases apps to deliver across multiple brands with minimal duplication of effort
• Keep up to date on the latest industry trends in the mobile technologies
• Review the code of the team member before merging
• Assist team member to complete their task

• Operate a hands-on role involving penetration testing and vulnerability assessment activities of applications, operating systems, networks, and mobile applications on regularly basis to identify vulnerability across several systems.
• Analyze security policies configuration and provide recommendation based on industry best practices.
• Produce actionable, threat-based, reports on security testing results and present the finding to head of department and management ongoing basis.
• Conduct physical assessments of servers, systems, and network device security.
• Coordinate and lead on external and internal penetration testing projects and provide promptly update to management.
• Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation.
• Promote information governance and security at all levels of management and employees, maintaining and developing a positive culture of compliance against industry standards and regulations.
• Identify and address a full range of issues from structure and policy, through to assisting in specific areas such as data privacy; data leakage prevention / monitoring; information rights management; third party security and cryptography.
• Develop and maintain security assessment testing plans.
• All other matters ancillary to the above and to perform any other related issues that management may require from time to time.

• Conduct research and analysis to stay up to date with current vulnerabilities.
• Conduct analysis of vulnerability scans from sources such assessment tools.
• Write comprehensive risk assessments on impacts of vulnerabilities found.
• Utilize automated and manual testing methods to validate vulnerability testing methods.
• Discover and remediate inadequate security practices.
• Perform after-action reviews of all associated team efforts and products to ensure completion and accuracy of analysis.
• Conduct risk register on exceptional vulnerabilities.
• Respond to any external entities such as auditor on vulnerabilities report and exceptions.
• All other matters ancillary to the above and to perform any other related issues that management may require from time to time.

• Assist to develop and enhance security policies and standards.
• Create plan to review and monitor result of security controls.
• Ensure procedure of each security controls are implemented and managed.
• Report and escalate based on principles and rules of policies and standards.
• Keep improving on review and monitor processes.
• Handle tasks assigned by Line Manager.
• Build a strong collaborative relationship with all Phillip Bank’s specialists and other stakeholders who support your duties.
• Promote cyber security awareness posture at all levels of management and employees by maintaining and developing a positive culture of compliance against IT security policy, industry standards and regulations.
• All other matters ancillary to the above and to perform any other related issues that management may require from time to time.

• Perform existing IT security gaps analyst to comply the regulation (NBC TRM).
• Develop up to date IT security policy, standards, and threats.
• Ensure that all new implementations of solutions are compliant with the security requirements, standards, and regulatory.
• Review IT change management and user access management to comply with current IT Policies and SOPs.
• Perform regular IT security reviews and produce IT assurance and compliance status reports.
• Provide IT security awareness for users.
• Create and manage risk register and work with various teams on ongoing basis to guide the on mitigation.
• Communicate between IT and internal/external audit on required assessments.
• Collaborate with management and the related IT Division to improve security posture.
• Document any security breaches and assess their damage.
• Coordinate and update information security incident response document to ensure processes and procedures are tested regularly in line with IT continuity, business continuity planning (BCP) and disaster recovery (DR) policy.
• Promote cyber security awareness posture at all levels of management and employees by maintaining and developing a positive culture of compliance against IT security policy, industry standards and regulations.
• All other matters ancillary to the above and to perform any other related issues that management may require from time to time.

• Learn many aspects of the business and management through job rotations, assignments, short courses and development programs.
• Learn from senior mentors.
• Competitive salary including insurance coverage.
• Five working days per week
• Designated to a professional role in specific function depending on performance.

• Work closely with the line supervisor to develop and update audit programs, working paper, and audit procedures in IT audit scopes and implement after approval.
• Examine IT internal controls, evaluate the design and operational effectiveness, determine exposure to risk and develop remediation strategies.
• Manage the timeframe for each audit mission as agreed to achieve the plan.
• The audit executions have followed the IT policy, procedure, and standard in order to ensure all kinds of IT risks are covered, managed, and complied with.
• Perform regular audit testing and provide effective recommendations.
• Discuss and clarify the finding with the auditee to find a clear root cause.
• Keep more concerns in each process to ensure that the internal controls are in place.
• Quickly update to a supervisor if there is any suspicious case is discovered.
• Provide recommendations and guidance on identified security and control risks.
• Ensure the audit documents are fully completed information and stored after finish the audit mission.
• Ensure constant capacity building and up to the date of Phillip Bank's business performance.
• Other additional tasks are assigned by the line supervisor

• Manage the own yearly plan with both quality and quantity as assigned
• Manage timeframe for each the audit mission as agreed to achieve both quality and quantity
• Do audit pre-plan before audit execution through data analysis and collection to follow the audit policy/procedure and guideline
• The audit executions have followed the policy, procedure, and audit program to ensure the risks are covered and managed
• Discuss and clarify the issues/gap with the stakeholders to find a clear root cause for effective recommendation
• Keep more focus on the key risk concerns in each process to ensure that the internal control is in place and effective
• Quick update to a supervisor if there is any suspicious case is discovered
• To ensure the audit working are fully completed information after finish the audit engagement
• To ensure constant capacity building and the date of Phillip Bank business performance
• Other tasks required by Line Management