Job Description
About Company
Principal duties:
- Responsible for the entire Information Security system of Swiss Post Solutions Viet Nam.
- Ensure information security posture of Swiss Post Solutions Viet Nam is aligning with Swiss Post Group.
- Continuous improve of the existing IT Security Framework based on ISMS/ISO 27001.
Your role & responsibilities
- Identify, analyze IT security risks (technical, people, legal…) and provide resolution to eliminate or reduce the risk.
- Review the compliance of IT security with company policy & ISMS/ISO 27001.
- Design, implement the security systems to protect network system against security threats (virus, Trojans, malware, spyware, malicious code, attacker/hacker…).
- Responsible for design, implement the SIEM (security information event monitoring) system including (centralized log, IDS, IPS ….).
- Member of Change Advisor Board to give recommendation for other teams when applying the importance change on core switches, firewall, cloud, etc.
- Deliver the security information & report (including vulnerability & exploitation news, security patches, fixes) and support operational team to implement the fixes/patches.
- Deliver the information security system scanning, application penetration testing (OWASP standard) and support operational team to implement the fixes/patches.
- Ensure BoM (Board of Management) is kept fully aware of the risks identified and progress of rectification, can report directly to CEO in emergency case.
- Maintains professional and technical knowledge by attending educational workshops; reviewing professional publications; benchmarking state-of-the-art practices.
- Train and support staffs on IT security matters.
- Co-ordinate with other teams (Infrastructure, Software, IT operation) and customer to ensure the SLA of Monitoring services as a Service Owner.
- Working, collaborate with global Security team and report to SPS CISO.
- Other duties as assigned by IT Manager.
Your skills & qualifications
Education: University Degree in Computer Science or IT equivalent training.
Technology skills and experience:
- 5 years or more of working experience in IT-related environment.
- Information system design and implementation.
- Wide knowledge in different area (network, server hardware, system, database, software …).
- Deep knowledge in TCP/IP, security & system analysis / hacking.
- Linux, Windows Server, Virtualization, Cloud Security Controls.
- ISMS/ISO 27001 working knowledge or technical implementation knowledge is required, PCI DSS is an advantage.
Soft-skills:
- English communication.
- Strong troubleshooting & analyzing.
- Customer oriented.
- Problem solving, negotiation.
Benefits for you
- Tet Bonus & Performance bonus.
- Meal allowance, free parking.
- Accidental and health-care insurance, annual heath check up, flu vaccination.
- We provide opportunities to learn and grow through different types of training, Talent Development, Succession planning as well as promotions or transfers.
- Company trip.
- Happy Hour. Team building. Sport activities: Football, Badminton.
- Year-end party. Mid-autumn festival. Annual sports tournament.
- 5 working days per week (off Saturday & Sunday).
- Extra info: In case of emergency (COVID-19), our company will flexible support candidates for online interview also WFH