Head of IT Compliance & Security

Management Penetration Testing Compliance IT Security

Icon salary Mức lương
Thương lượng
Icon Location Khu vực
Ho Chi Minh

Phúc lợi

13th month salary 13th month salary
Extra health insurance Extra health insurance
Performance bonus Performance bonus
Laptop/desktop for works Laptop/desktop for works
Salary review Salary review

Tổng quan về công việc và trách nhiệm

JOB DESCRIPTION - Ensuring IT systems and applications within our organization meet the needs of the business while adhering to security best-practices, compliance and regulatory requirements. - Develop and implement the identification, assessment and mitigation of information security risks. - Develop and issue policies, procedures and guidelines related to information security in line with company's reality (PCI-DSS, ISO 27001,...). - Be a contact point for reporting information security compliance to competent authorities. - Responsible for the day to day information security operation. - Create high quality reports, ready for review by CIO. - Identify potentially unwanted behavior and patterns of abuse on the system, and take steps to moderate and restrict this behavior. - Conduct the Vulnerability Assessment and Advanced Penetration Testing for: Web Application, Mobile Application, Network, Servers, Workstations. - Fight against threats to user safety (such as account takeover, privileged access abuse, fraud, unintentional data leaks etc). - Creating phishing campaigns and performing physical social engineering to obtain system and building access as well as to gather critical documents and information. - Performing code review: static, dynamic, and manual source code review. - Lead Incident Response activity (Identification, Response, Recovery and security incident investigations). - Perform security audits driving industry standard benchmarks. - Provide security guidance and input to engineering and operational teams during design review and threat modeling. - Develop secure coding practices and recommend technical mitigations for development teams. - Develop hardening guidelines and review security configurations. - Design and implement security patterns, systems, tools, infrastructure and frameworks to protect organization’s intellectual property against all types of threat and adversaries. - Secure design, build, assess and operate industry standard data security solutions for cloud hosted and traditional environments. - Implement data security controls to ensure a secure production environment. - Perform data security risk assessments and provide remediation recommendations. - Research and understand external best practices and emerging technologies for possible incorporation into organizational data security practices. - Work closely with key business partners, internal technology teams and external vendors to research, deploy and configure technologies and processes that strengthen the defenses of the enterprise. - Translate highly technical concepts into business impact and make remediation recommendations.

Kỹ năng và kinh nghiệm tối thiểu

JOB REQUIREMENT - Bachelor degree in Infosec/Computer Science/Computer Engineering/MIS, or equivalent programs. - An expert ability to assess an organization’s attack surface/exposure level. - Expertise in Vulnerability Management, Incident Response/SOC, SIEM. - Experience in the Security planning, coordinating, executing, and reporting of tasks. - Experience performing code and infrastructure design reviews. - Experience in cloud security. - Experience in DLP solutions is a must. - Experience in creating phishing campaigns and performing physical social engineering to obtain system and building access as well as to gather critical documents and information. - At least 06 years Cyber Threat Intelligence, Red team and Blue Team Experience. - At least 05 years of experience operating security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, SIEM, VPN, DLP, IAM, PAM, database security, etc. - Proficiency in Linux, Windows systems engineering/operations. - Relevant professional qualifications such as OSCP, OSCE, OSWE, GPEN, GXPN, CHFI would be an advantage. - Familiarity with building, deploying, maintaining security controls. - Active within the security community. - Strong familiarity with at least one of the following: OWASP Top 10, PTES, or NSA Vulnerability and Penetration Testing Standards. - Knowledge of international standards such as PCI-DSS, ISO 27001, etc. - Strong analytical, Logical thinking and problem solving capabilities. - Team-work spirit and professional working behavior. - Able to research new knowledge and technology. - Ability to work effectively with cross function team to complete multiple projects with changing priorities and meet deadlines. - Strong business writing skills. - Exceptional communication skills.

Tại sao ứng viên nên làm ở đây

WHAT WE OFFER Mirae Asset Finance Company Vietnam aims to build a "Professional - Friendly - Effective" working environment. Our strategic objective is to provide a working place with attractive package, growth opportunity, and sustainable development. - Attractive packages with 13th salary year-end bonus and a week trip to Korea in order to recognize all your good performance and effort at MAFC. - 15 days annual leave. - Annual health check, company events. - Annual healthcare insurance package from senior level and above. - Young and proactive environment; no barriers, no limitation for new idea. - Flexible internal career opportunity.

Ưu tiên có kỹ năng và kinh nghiệm

- An advance degree, such as MBA, Master degree is a plus. - Working experience in related fields: Finance, Banking, Fintech,.. is prefer

Báo cáo cho

BOD

Quá trình phỏng vấn

Round 1 with HOD and Round 2 with BOD

Nink Vo

Headhunter | Recruiter
Verified
employee 80 ứng viên
cup 19 phỏng vấn
health 6 offers

Ứng tuyển vào công việc này

Thành công!

Cảm ơn bạn, bạn đã gửi thông tin thành công.

← Xem thêm công việc của Nink Vo
upload Nhấp vào hoặc kéo thả tệp vào để tải lên Chỉ có thể tải lên 1 tập PDF (3MB)

Nink Vo

Headhunter | Recruiter
Verified
Icon employee 80 ứng viên
Icon cup 19 phỏng vấn
Icon health 6 offers

Công việc đã hoàn thành (6)