Information Security DirectorInformation Security Director
Hình thức: Toàn thời gian
Ngày đăng: 10/09/2024
Hạn nộp: 11/09/2024
Vị trí công việc này hiện tại đã hết hạn nộp hồ sơ, bạn có thể tham khảo thêm một số công việc liên quan phía dưới
Mô tả công việc
1. Oversee IT security risk and vulnerabilities managemen
2. Develop security strategy and roadmap
3. Establish and implement security-related policies and guidelines
4. Own the information security initiatives for IT Division.
5. Design and build the security practice and the organization's security architecture
6. Provide leadership in project(s) to ensure "security design" principles and approaches are incorporated into IT systems
7. Manage and report on IT/cyber security vulnerabilities and risks. Including performing periodic IT security control testing, (e.g., vulnerability testing, risk analysis and security assessments) are carried out and remediate gaps identified within defined timeframe
8. Perform PCI-DSS Assessments and fulfil PCI-DSS obligations for current and new projects and systems
9. Conduct IT security awareness through regular publishing of monthly security updates/bulletins and trainings (e.g., brown bags) to improve IT security knowledge of users and IT staff. Provide advice and consultancy on security risks and controls
10. Manage IT/ Cyber security incidents and liaise with various IT functions, Risk and Compliance, and business users
11. Direct external vendors/investigators in conducting electronic discovery and digital forensic investigations when required
12. Participate and working with other high-level executives to establish disaster recovery (DR) and business continuity plans
13. Develop and monitor comprehensive cybersecurity program
14. Establish cybersecurity risk management process
15. Establish a metric and reporting framework
16. Establish and build internal and external relationship
17. Monitor the external threat environment and advise on appropriate actions
18. Develop and implement incident response process and policies
2. Develop security strategy and roadmap
3. Establish and implement security-related policies and guidelines
4. Own the information security initiatives for IT Division.
5. Design and build the security practice and the organization's security architecture
6. Provide leadership in project(s) to ensure "security design" principles and approaches are incorporated into IT systems
7. Manage and report on IT/cyber security vulnerabilities and risks. Including performing periodic IT security control testing, (e.g., vulnerability testing, risk analysis and security assessments) are carried out and remediate gaps identified within defined timeframe
8. Perform PCI-DSS Assessments and fulfil PCI-DSS obligations for current and new projects and systems
9. Conduct IT security awareness through regular publishing of monthly security updates/bulletins and trainings (e.g., brown bags) to improve IT security knowledge of users and IT staff. Provide advice and consultancy on security risks and controls
10. Manage IT/ Cyber security incidents and liaise with various IT functions, Risk and Compliance, and business users
11. Direct external vendors/investigators in conducting electronic discovery and digital forensic investigations when required
12. Participate and working with other high-level executives to establish disaster recovery (DR) and business continuity plans
13. Develop and monitor comprehensive cybersecurity program
14. Establish cybersecurity risk management process
15. Establish a metric and reporting framework
16. Establish and build internal and external relationship
17. Monitor the external threat environment and advise on appropriate actions
18. Develop and implement incident response process and policies
Yêu cầu
1. Educational Qualifications
• Bachelor in IT/Computer Science & CISSP/CISA (preferred)
• Other higher qualifications / certificates is a bonus
2. Relevant Knowledge/ Expertise
• At least 10 year of relevant experience
• Strong technical skills in one or more of the following: network, application and operating system security and hardening, vulnerability assessments and penetration testing, TCP/IP suite, firewalls, Security Information & Event Management (SIEM), Data Loss Protection (DLP), Intrusion detection systems, log review, incident management)
• Knowledge in Security compliance, in particular PCI-DSS.
• Knowledge of ISO 27001/2 information security standards
• Knowledge of current IT industry trends.
• Knowledge and understanding of relevant legal and regulatory requirements.
• Knowledge of common information security management frameworks.
3. Relevant Experience
• Strong technical skills in one or more of the following: network, application and operating system security and hardening, vulnerability assessments and penetration testing, TCP/IP suite, firewalls, Security Information & Event Management (SIEM), Data Loss Protection (DLP), Intrusion detection systems, log review, incident management)
• Knowledge in Security compliance, in particular PCI-DSS.
• Knowledge of ISO 27001/2 information security standards
• Knowledge of current IT industry trends.
• Knowledge and understanding of relevant legal and regulatory requirements.
• Knowledge of common information security management frameworks.
• Bachelor in IT/Computer Science & CISSP/CISA (preferred)
• Other higher qualifications / certificates is a bonus
2. Relevant Knowledge/ Expertise
• At least 10 year of relevant experience
• Strong technical skills in one or more of the following: network, application and operating system security and hardening, vulnerability assessments and penetration testing, TCP/IP suite, firewalls, Security Information & Event Management (SIEM), Data Loss Protection (DLP), Intrusion detection systems, log review, incident management)
• Knowledge in Security compliance, in particular PCI-DSS.
• Knowledge of ISO 27001/2 information security standards
• Knowledge of current IT industry trends.
• Knowledge and understanding of relevant legal and regulatory requirements.
• Knowledge of common information security management frameworks.
3. Relevant Experience
• Strong technical skills in one or more of the following: network, application and operating system security and hardening, vulnerability assessments and penetration testing, TCP/IP suite, firewalls, Security Information & Event Management (SIEM), Data Loss Protection (DLP), Intrusion detection systems, log review, incident management)
• Knowledge in Security compliance, in particular PCI-DSS.
• Knowledge of ISO 27001/2 information security standards
• Knowledge of current IT industry trends.
• Knowledge and understanding of relevant legal and regulatory requirements.
• Knowledge of common information security management frameworks.
Quyền lợi
Thưởng
13th monthly salary, Performance Bonus
Chăm sóc sức khoẻ
Healthcare Plan and Insurance package
Khác
Professional FDI working environment
13th monthly salary, Performance Bonus
Chăm sóc sức khoẻ
Healthcare Plan and Insurance package
Khác
Professional FDI working environment
Thông tin khác
NGÀY ĐĂNG
[protected info]
CẤP BẬC
Giám Đốc và Cấp Cao Hơn
NGÀNH NGHỀ
Công Nghệ Thông Tin/Viễn Thông > Bảo Mật Công Nghệ Thông Tin
KỸ NĂNG
Information Security Testing, IT Security
LĨNH VỰC
Tài Chính
NGÔN NGỮ TRÌNH BÀY HỒ SƠ
Bất kỳ
SỐ NĂM KINH NGHIỆM TỐI THIỂU
Không yêu cầu
QUỐC TỊCH
Không hiển thị
Xem thêm
[protected info]
CẤP BẬC
Giám Đốc và Cấp Cao Hơn
NGÀNH NGHỀ
Công Nghệ Thông Tin/Viễn Thông > Bảo Mật Công Nghệ Thông Tin
KỸ NĂNG
Information Security Testing, IT Security
LĨNH VỰC
Tài Chính
NGÔN NGỮ TRÌNH BÀY HỒ SƠ
Bất kỳ
SỐ NĂM KINH NGHIỆM TỐI THIỂU
Không yêu cầu
QUỐC TỊCH
Không hiển thị
Xem thêm
Giới thiệu công ty
Information Security Director
Việc làm tương tự
[Hà Nội] Nhân Viên Marketing Ads (Đào Tạo 1-1)
CÔNG TY TNHH THƯƠNG MẠI VÀ ĐẦU TƯ BIG HOLDING
15 Triệu - 20 Triệu VND
Hà Nội
16/10/2024
KỸ SƯ AN TOÀN THÔNG TIN (GIÁM SÁT AN NINH THÔNG TIN)
Công ty Cổ phần Viễn thông FPT - FPT Telecom
thỏa thuận
Hà Nội
31/10/2024
Kỹ Sư An Toàn Thông Tin (Security Engineer)
CÔNG TY CỔ PHẨN TẬP ĐOÀN MK
Thỏa thuận
Hà Nội
10/11/2024
Kỹ sư Bảo Mật Hệ Thống Thông Tin
CÔNG TY CỔ PHẦN TẬP ĐOÀN VÀNG BẠC ĐÁ QUÝ DOJI
15 - 25 triệu
Hà Nội
10/11/2024
Kỹ Sư Bảo Mật Hệ Thống Thông Tin
CÔNG TY CỔ PHẦN TẬP ĐOÀN VÀNG BẠC ĐÁ QUÝ DOJI
Thỏa thuận
Hà Nội
21/10/2024
Vị trí Information Security Director do công ty Information Security Director tuyển dụng tại Hà Nội, Joboko tự động tổng hợp mức lương Thỏa thuận, tìm thêm việc làm về Information Security Director hoặc công ty Information Security Director ở các link phía trên
Giới thiệu công ty