Senior Security Compliance Specialist

• Establish, maintain, monitor and improve the Information Security Management System (ISMS) by following ISO 27000 family, and also meet compliance requirements such as SOC2, HIPAA, GDPR, ISO 42001, WCMS (Workplace Condition Management System), etc. 

• Monitor security policies, processes and procedures to ensure compliance with Client’ security requirements and applicable government legal and regulations.

• Develop best practices and security standards; implement security improvements by assessing current situations, evaluating trends and maintaining security controls.

• Determine security violations and inefficiencies by conducting periodic security audits to identify potential vulnerabilities related to asset protection, ensure operational security controls are implemented and maintained properly.

• Report non-conformity issues to the management and propose countermeasures for those issues to renovate the organization and operation of the Company in order to continuously improve the efficiency of business.

• Evaluates security trends, evolvement of threats, vulnerabilities, and performs risk assessment and treatment plan; coordinate with related parties for consulting on remediation.

• Develop and train employees for security awareness with best practices and company regulations/policies.

• Develop and improve business continuity planning and disaster recovery procedures.

• Perform other duties as assigned by higher level.

1. Knowledge and skills:

• 5+ years of working experience within IT Security Compliance function in medium or enterprise level. Prefer to technology, banking, fintech, auditing or internal control firms.

• Have knowledge and experience in building Information Security Management System by following industrial security standards like SOC 2, ISO 27001, HIPAA, ISO 42001, etc, and WCMS (Workplace Condition Management System).

• Have knowledge and experience in auditing activities of internal controls on IT security practices on-premise or cloud-based platforms.

• Demonstrate ability to work independently or as part of a team to achieve team goals.

• Demonstrate good logical thinking, problem-solving, management skills.

• Ability to effectively prioritize, take ownership and execute tasks in a high-pressure environment.

• Highly motivated, self-directed.

• Good at English in communication skills including oral and written.

2. Education/Training Preferred:

• Bachelor’s degree in Computer Science, Auditing, Business Administration and Operations Management related field or equivalent work experience.

• Certification of ISO 27001 Lead or lead internal auditor, CISA, CISM or other equivalent certificates is an advantage.

Perks You'll Enjoy 

• Working in one of the Best Places to Work in Vietnam
• Building large-scale & global software products
• Working & growing with a Passionate & Talented Team
• Diverse careers opportunities with Software Services, Software Product Development, IT Solutions & Consulting
• Attractive Salary and Benefits
• Annual performance appraisal and performance bonus
• Onsite opportunities: short-term and long-term assignments in North America (U.S., Canada), Europe, and Asia.
• Flexible working time
• Various training on hot-trend technologies, best practices and soft skills
• Premium healthcare insurance for you and your loved ones
• Company trip, big annual year-end party every year, team building, etc.
• Fitness & sport activities: football, tennis, table-tennis, badminton, yoga, swimming…
• Joining community development activities: 1% Pledge, charity every quarter, blood donation, public seminars, career orientation talks, …
• Free in-house entertainment facilities (foosball, ping pong, gym…), coffee, and snacks (instant noodles, cookies, candies…)

And much more; join us and let yourself explore other fantastic things!