IT Governance Risk Compliance (IT GRC)

Mô tả Công việc
I. Job Objectives:
1. Job Purpose:
Responsible for supporting the implementation of policies, procedures, and activities related to Information Security (IS) across the organization. Acts as the focal point between the HR Department and IT/Tech Departments to ensure awareness, training, and compliance with information security regulations throughout the company.
2. Key Responsibilities:
Develop and disseminate internal information security policies in accordance with ISO/IEC 27001.
Plan and organize regular information security training sessions for all employees.
Collaborate with IT/Tech teams to implement security programs, including testing and attack simulations (e.g., phishing simulation, security drills).
Monitor, record, and report non-compliance with information security policies.
Participate in developing onboarding/offboarding processes to ensure security measures (e.g., account, device, and data revocation).
Organize awareness-raising activities such as Security Day, IS newsletters, and surveys.
Stay updated on standards, knowledge, and legal regulations related to personal data protection (e.g., Decree 13/2023/NĐ-CP).
Support the HR department in updating/improving work processes.
Working hours: Monday - Friday (8:00 AM - 5:00 PM). Saturday mornings (8:00 AM - 12:00 PM).
Workplace: 568 Luy Ban Bich, Hoa Thanh Ward, Tan Phu District, HCM City.