Manager – Information Security (ISO) – Allianz Ayudhya Assurance Public Company Limited

Job Summary:

The candidate will be in the team of the Companies information security office. Information security team communicates directly and regularly with the Information Security Officer (ISO) and may be the Region and Group Information Security Office or a member of the Information Security Core Group.

The information security manager must meet their responsibilities which include: Ensure that the GISF (Group Information Security Framework) and the Company specific information security requirements are fulfilled; especially by governing the implementation of the GISF and monitoring and reviewing the resulting processes and mechanisms.

Key Responsibilities:

  • Define and enable the Companies specific action plans to attain and maintain compliance to minimum requirements, security standards and Operation Entities (OE) specific requirements
  • Advise the ISO in all information security related issues, regularly report about the information security status to the ISO
  • Govern investigations of information security incidents and escalate to the Group Information Security Officer based on incident severity
  • Immediately escalate to ISO identified breach of the requirements from the GISF
  • Liaise with and report to the ISO
  • Communicate applicable corporate rules relevant to Information Security in coordination with the ISO
  • Prepare the Compliance Report for GISF for the ISO
  • Ensure that security Service Level Agreements including controls are defined and monitored for used IT services or IT services provided to other related Company
  • In respect to these responsibilities the information security team must have a local reporting line (e.g. by regular information meetings, reports) to the ISO


  • Bachelor degree or above in computer related field or equivalent
  • Experience in the Information Security role for 3-5 years
  • CISM (Certified Information Security Manager) is a must
  • CISSP (Certified Information Systems Security Professional) is optional
  • Good English communication skills are required
  • Understanding of Insurance Business and information technology
  • Statistical report and systematic thinking, Technical & Professional Skills and Qualities

Source link