Mô tả công việc
Is responsible for supporting the organization's information security and IT risk management programs.
Involves monitoring security controls, conducting risk assessments, responding to incidents, and helping to ensure compliance with security policies, standards, and regulations.
Works closely with IT, business units, and external partners to protect the organization's information assets and manage technology-related risks.
Is responsible for overseeing the organization's information security and IT risk management strategy, ensuring compliance and resilience.
Monitor and analyze security events, alerts, and vulnerabilities using security tools (SIEM, IDS/IPS, endpoint protection, etc.).
Support the implementation and maintenance of IT security policies, procedures, and controls.
Conduct or assist with IT risk assessments, vulnerability assessments, and security audits.
Respond to security incidents, investigate breaches, and assist in incident reporting and root cause analysis.
Assist in user awareness training and promote security best practices across the organization.
Support compliance efforts with relevant laws, regulations, and standards (e.g., ISO 27001, NIST, etc.).
Maintain and update IT security documentation and risk registers.
Coordinate with IT and business teams to remediate identified risks and vulnerabilities.
Participate in business continuity and disaster recovery planning and testing.
Stay up to date with the latest security threats, trends, and technologies. Provide training and guidance to end-users on IT systems and best practices.
Yêu cầu
Bachelor's degree in IT, or a related field.
3+ years of experience in IT security, IT risk management, or a related IT role.
In-depth knowledge of cybersecurity principles, threat landscapes, and risk management frameworks.
Hands-on experience with security technologies (SIEM, firewalls, IDS/IPS, endpoint protection, DLP, etc.).
Strong understanding of IT infrastructure, cloud security, and application security.
Familiarity with regulatory requirements and industry standards (ISO 27001, NIST, etc.).
Experience with incident response, forensics, and vulnerability management.
Strong analytical and problem-solving skills.
Good communication and interpersonal skills.
High attention to detail and accuracy.
Ability to work independently and as part of a team.
Integrity and commitment to confidentiality.
Willingness to learn and adapt to new technologies.
Strong documentation and reporting skills.
Fluent in Vietnamese and English (both oral & written).
Certified Information Systems Security Professional (CISSP) (Preferred)
Certified Information Systems Auditor (CISA) (Preferred)
ISO 27001 Foundation or similar (Preferred)
Other relevant security or risk management certifications (Preferred)
Quyền lợi
13th month salary
Performance bonus
Health care insurance & accident insurance
16 days annual leave
Lương thỏa thuận theo năng lực và kinh nghiệm.
Thưởng hiệu suất và thưởng theo kết quả kinh doanh.
Thưởng tháng 13 và thưởng lễ, Tết.
Xét tăng lương định kỳ.
Được tham gia đầy đủ bảo hiểm xã hội, bảo hiểm y tế, bảo hiểm thất nghiệp theo quy định.
Bảo hiểm sức khỏe bổ sung.
Khám sức khỏe định kỳ hằng năm.
Phụ cấp ăn trưa và phụ cấp đi lại.
Hỗ trợ thiết bị làm việc.
Môi trường làm việc chuyên nghiệp và thân thiện.
Được đào tạo nội bộ và đào tạo nâng cao chuyên môn.
Cơ hội thăng tiến rõ ràng.
Tham gia các hoạt động team building và du lịch công ty.
Nghỉ phép năm theo quy định và thêm ngày nghỉ theo thâm niên.
Thời gian làm việc linh hoạt (nếu áp dụng).
Hỗ trợ chi phí học tập và chứng chỉ chuyên môn.
Quà tặng sinh nhật và các dịp đặc biệt.
Chính sách phúc lợi cho nhân viên gắn bó lâu dài.
Thông tin chung
Nơi làm việc
- 4th Floor, 63 LTT Building, 63 Ly Thai To Street, Hoan Kiem Ward, Hanoi, Vietnam