Responsible for building, managing, participating in the development of one of the following areas:
a. Information Security Development: Evaluate deployment, develop security solutions/Design, test information security/Ensure compliance with security standards (of Vietnam and International)
b. Information Security Administration: Manage and directly participate in administrative activities on identity and access security/network security/endpoint services and data security
c. Information Security Planning: Manage and directly control the implementation of information security policies and standards for applications, infrastructure of Techcombank and its partners and suppliers, ensure compliance with the Bank's information security requirements.
d. Information Security Testing: Manage and directly perform testing attack activities for technology systems to detect vulnerabilities/weaknesses and provide solution guidance.
e. Information Security Monitoring: Monitor detecting all attack events/incidents as quickly as possible (realtime) based on events aggregated from security systems as well as other technology components.Then alert relevant departments to investigate and react to that event/incident.
To deliver one of the following area of main tasks (*) below:
- Information Security Development;
- Information Security Administration;
- Information Security Planning;
- Information Security Testing;
- Information Security Monitoring;
(*) To be shared details by your Line Manager.
a. Risk management and compliance
- Identify risks of the department during operation, ensure compliance with the bank's processes and regulations. Coordinate with relevant units to measure, assess and handle risks.
- Planning, coordinating, reporting results of risk handling activities according to reports of internal/external audit departments.
b. Human Resource Management
- Allocate and coordinate resources to ensure efficient operation
- Organize training, work guidance for team members under direct reporting level"
Other missions:
- Participate in the implementation and/or support of technology projects
- Organize training, career development orientation for employees, foster and build human resources for the department.
- Perform other related tasks at the request of management levels.
Key Relationships - Direct Manager
IS Manager in line of Information Security
Key Relationships - Direct Reports
Staffs under team
Key Relationships - Internal Stakeholders
Other related departments in the bank
Key Relationships - External Stakeholders
Information security solutions/services companies, quick incident response [protected info]
Success Profile - Qualification and Experiences
Qualifications:
- University Graduated with major in IT, Computer Science or Electronics and Telecommunications
Work Experience:
- Experience in managing information security management in financial / service / telecommunications organizations from 4 years.
- Management role in the field of information security (02 years or more)
- Experience in planning information security/information technology strategy
- Experience in research, design and implementation in the field of information security.
- Having experience in managing security testing attacks in financial / service / telecommunications organizations:
- Experience in researching security holes, developing attack techniques/tools, performing test attacks on technology systems by technical and non-technical measures.
- Other technical requirements, based on each of IS specifications.
Other requirements:
- Experience in Agile Product Development
- Business English requirements according to TCB's policy