Expert, Cloud Security

3 Lý do để gia nhập công ty

• People Development
• High promotion opportunities
• Very attractive salary package

Mô tả công việc

1. Cloud Cybersecurity risk and compliance framework and management:

• Accountable for development of the Cloud Security Design framework for new technology solutions.
• Responsible for embedding best practice security through evaluation of suppliers.
• Responsible for establishing security requirements needed to provide services securely.
• Ensure compliance to current standards ISO27001, 27017-27018, PCI-DSS.
• Defining requirements for risk and security and ensuring they are achieved.
• Drive cyber security strategy compliance.
• Align activities to current BAU audit activities from legacy business to ensure consistency in approach.
• Manage and liaise with regulators.
• Identify, highlight and remediate information security risk in the Bank

2. Policy, Standards and Processes:

• Planning, studying and then designing a resistant security architecture for various IT/IT Security projects (clould/onpremise).
• Test and evaluate new security solution/new security technology.
• Make sure that all workers follow the necessary corporate security policies and procedures that are defined, developed, implemented, and maintained for a seamless workflow.
• Buildup/develop security architect rule and apply to practice.
• Comply with the Bank’s Information Security Policy, Regulations, Standards, and Process.
• Provide feedback to enhance the current policies, regulations, standards and processes where necessary.
• Communicate and ensure all staff understands and comply with the Information Security Policy, Regulations, Standards and Processes

3. Operations, Reporting and Administration:

• Ensure that the Information Security Strategy and Plans are implemented as planned.
• Ensure that Information Security process are followed diligently. This may include Risks Management, Operating Security Services/Tools to support the Information Security Program of the Bank.
• Control approve the request/changes related to security, control activities of IT security: implementing, operating, vulnerabilities management.
• Contribute to the IT Security Dash Board for Management.
• Work with both internal/external audit during audit programs.
• Training IT security awareness.
• Collect, analyze and produce report for IT Security every month

4. Area of Information Security Specialization:

• Provide the appropriate guidance and advisory in the area of specialization.
• Be able to contribute to the Bank in terms of documentation, transfer of ideas and implementing the plans in the area of specialization.

Yêu cầu công việc

1. Trình độ đào tạo/ Educational Qualifications

• Bachelor's or Technical Degree Required (IT, Cryptography, computer science, information systems, business administration or other industry-related curriculum).
• Has appropriate subject matter expertise in their area of information security specialization.

2. Kiến thức/ Chuyên môn cần có/ Relevant Knowledge/ Expertise

• Have at least a minimum of 5 years of experience in the area of specialization.
• Have a good knowledge international IT security standards (ISO 270001, PCI-DSS,…), ITIL.
• Work experience with one or more cloud service providers.
• Deep understanding of cloud service architecture with emphasis on security in the cloud.
• Solid understanding of modern information security methodologies and standards, especially in cloud environment.
• Cloud/Security certification desired.
• Knowledge and experience supporting IAM, security operations and threat response.
• Practice with modern DevSecOps with automation (nice to have)Ability to automate repetitive tasks (scripting skills in Bash/PowerShell/ Python).
• Have good knowledge about: network security, system security, application security and virus/malwares, secure coding.
• Expert with architect, security technology, integration.
• Have good knowledge with pen test with OWSAP Standard and ability discovery & exploit vulnerabilities, cyber attack.
• Good knownleged some tools for hacking:  VA, APPScan, Metaexploit, kalilinux.
• Experienced in implementing ISO27000/PCI-DSS is preferred.
• Have good knowledge with secure coding with some languages: Python, Shell, PHP and have good knowledge with encryption, cryptography techniques.

Tại sao bạn sẽ yêu thích làm việc tại đây

Our corporate culture is nurtured and built on six core values.

Join VPBank, you will experience a great opportunity to work in our professional environment with ‘Customer Focus’ and ‘Trust’ orientation. With more than 7.000 employees with various positions from back office to front office, we all have our clients and the priority of every position is to gain their reliance and commitment. Your contribution will be the measure of our organization’s success.

We provide ‘not just a Job, but a Career’. ‘People Development’ is chosen to be one of the most important corporation’s strategy. We create product training courses and give on-the-job training for newcomers & employees as well as organize many exciting internal activities to connect people. Ambitious and eager to thrive, we also have bonus & rewards to recognize best-sellers and excellent employees.

VPBank is becoming a desirable destination for talent in the banking and finance industry. You will receive great support from your colleagues and managers with modern technology facilities. We believe that the strength raises from within, thus we create a diverse but unified, proactive and flexible working environment for enhancing our ‘productivity’.

‘Make the difference’, you can shine bright!