IT Risk & Security Officer (English)

Ha Noi , Hoan Kiem, Tran Hung Dao
Xem bản đồ
11 ngày trước

Mô Tả Công Việc

Role Purpose:

  • He/she covers the implementation and maintenance of IT Governance, IS Security governance, Information Continuity plan (ICP), business continuity plan (BCP) in VCLI
  • Ensure the compliance of VCLI IT with the Global and Regional policies, as well as the compliance with the local regulatory requirements


Governance, strategy and planning
  • Localize and implement Governances in scope of IT, IS security, IT Continuity, Business Continuity in VCLI in compliance with Global and Regional policies as well as with local regulatory requirements
  • Develop and maintain a roadmap for his area, encompassing regional requirements and global IT Security strategy
  • Introduce and produce management metrics for the purpose of control and decision making.
Cooperation & contribution
  • Maintain good relationships and actively cooperate with other IT and IT Security teams (local, global and regional) to ensure best IT Governance and Security practices and deliveries in a smooth interaction
  • Work closely with Regional IT Security and Regional IT to follow-up on strategic projects, IT Governance and security issues
  • Cooperation with Regional ETO Teams closely to ensure enforcement of IT Governance and IT Security rules in VCLI
  • Contribute to IT quality and process improvement generally
Project Management
  • Be active part of the validation of IT solution from the beginning of the IT projects
  • Validate the security documents regarding the Head Office project methodology “Harmonie”
  • Have security requirements for the design of IT solutions in the frame of the Security vertical process of “Harmonie”
  • Lead and manage the implementation of IT governance and/or IT security projects in local scope
Risk Management
  • Implement a risk assessment strategy, including methodology, recurring controls, countermeasures and risk mitigation acceptance accordingly to the Regional decisions
  • Define the solutions of Local IT Security accordingly to Regional IT Security guidance
  • Ensure immediate and accurate reporting of any IT Security related incident (intrusion, virus, etc.) to the Regional IT Security and Incident Management processes
Controls & Procedures
  • Coordinate with other departments and other IT team in order to organize and perform all necessary drills, exercises, tests as required by applied policies and procedures
  • Ensure that work is conducted adhering to compliance, data protection (customer & personal data) and other regulatory requirements
  • Minimize operational risks and risks of fraud by implementing regular and sufficient controls related to his position
  • Escalate to his management and/or Operational Risks & Permanent Control any issues identified
  • In charge of ensuring the timely & accurate reporting to Regional IT, Regional IT Security/ Operational Risks & Permanent Control of the Control Plans

Yêu Cầu Công Việc


  • University graduate majoring in IT
Other Required Licenses, Professional Qualifications and Certifications
Essential Criteria
  • Knowledge of various IT Technologies
  • Knowledge of IT Governance and IT Security concepts
  • Knowledge of ISO27001 and/or NIST
Desirable Criteria
  • CISSP certificatio
Years of Related Work Experiences
Essential Criteria
  • At least 3 years experiences handling IT Security or IT Audit/Inspection role.
Desirable Criteria
  • Experience of developing Information Governance policies, procedures, guidance and training
Languages Required
  • Fluent English

Tại Sao Bạn Sẽ Yêu Thích Làm Việc Tại Đây

  • Very attractive salaries that commensurate with work experience.
  • Professional work environment & career advancement opportunities.