IT Security Senior Officer

Job Description

IT risk and compliance frame work and management
- Develop IT risk management methodology, plan and conduct risk assessment programs for IT systems
- Corporate with IT functions and other departments to develop and update timely the IT risk & control matrix

IT Security standards management
- Research, develop and implement International security standards and other entity requirements (SBV, PCI-DSS …) into company systems
- Co-ordinate with other IT teams to develop technical policies, standards, procedures align with VPB IT security requirements

Reporting and administration
- Control for implementation of IT Security strategy and plans of IT Security
- Control approve the request/changes related to security, control activities of IT security: implementing, operating, vulnerabilities management
- Build up key indicator to monitor and improve IT Security services like SLA, KRI, RPO, RTO, …
- Work with both internal/external audit during audit programs
- Training IT security awareness
- Collect, analysis, buidlup report for IT Security
- Do others jobs assigned by Manager/Director

Job Requirement

- Bachelor or higher degree in Information Technology (HUT, ACT, VNU are preferred) 
- 3 years or more of working experience in IT security banking, good knownleged international IT security standards (ISO 270001, PCI-DSS,…), ITIL
- Have good knownleged about: network security, system security, application security and virus/malwares
- Have good knownleged with pentest with OWSAP Standard and ability discovery & exploit vulnerabilities, cyber attack
- Good using some tools for hacking:  VA, APPScan, Metaexploit, kalilinux
- Experienced in implementing ISO27000/PCI-DSS is preferred
- Have good knownleged with architect, security technology, intergration is preferred