TopDev

Security Risk & Compliance

Công ty Cổ phần Chứng khoán Thành phố Hồ Chí Minh (HSC)

76A Lê Lai, Phường Bến Thành, Quận 1, Thành phố Hồ Chí Minh
Job Description
About Company

The primary role of Security GRC Specialist is to ensure proper administration of Information Security and all potential risks that may affect HSC’s reputation, safety and Information Security are managed properly.

Your role & responsibilities

  • Conducts Security risk assessment, which involves analyzing risks as well as identifying, describing and estimating the risks that may affect HSC organization. Identify IT controls which mitigate risks, and related opportunities for improvement.
  • Participates in the review of investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities.
  • Provides support, education and training of to all employees in terms of Security risk awareness within the organization.
  • Involve in risks assessment and management of cyber security incident response process from detection till system restore and incident closure.
  • Participates and helps in the definition of IT Security framework and associated IT Security Policies and Procedures
  • Ensures implementation of approved IT Security policies and compliance to all HSC employees.
  • Performs annual (or as needed) security review in terms of user access, infrastructure capabilities, and further IT security improvements.
  • Conducts audits of IT Operations to ensure compliance with existing IT Security policies and procedures as approved by HSC.
  • Liaise with internal and external auditors, and business partners in terms IT Security review, gap assessment and audits.
  • Ensures IT Operational Risks are managed and/or mitigated and that all existing IT security infrastructure is abreast with latest technology and industry standards.

Your skills & qualifications

Education level

  • At least Bachelor’s degree in Computer Science, Cyber Security or a related technical field.

Knowledge & Experiences

  • At least 5 years solid IT experience with actual hands-on in IT Security Risks Management,
  • Strong knowledge and experience of applicable frameworks and regulatory requirements, formulating and implementing Information
  • Security policies and procedures, guidelines, experience in ISO 27001 and PCI DSS, NIST is a plus

Technical skills

  • Analytical, evaluative, and problem-solving abilities.
  • Highly self-motivated and directed;
  • Ability to effectively prioritize and execute tasks in a high-pressure environment;
  • Highly self-motivated, hard-working, sociable and reliable.

Soft skills

  • Keen attention to detailed.
  • Good written and oral communication skills.
  • Experience working in a team-oriented, collaborative environment.
  • Good at written and oral Vietnamese and English.

Benefits for you

  • Mức lương cạnh tranh và thưởng KPI hấp dẫn
  • 14-16 ngày phép/năm,
  • 100% BHXH, BHYT, khám sức khỏe hàng năm
  • Các khóa đào tạo online (e-learning) và offline (chứng chỉ chuyên môn, CFA, MBA)
  • Câu lạc bộ gym, yoga, cầu lông, chạy bộ, bóng đá và tennis
  • Hoạt động văn – thể - mỹ (team building, thi đấu thể thao)
  • Thời gian làm việc: Thứ 2 - Thứ 6

Company

Công ty Cổ phần Chứng khoán Thành phố Hồ Chí Minh (HSC)

Industry

Chứng khoán

Company size

500-999

Nationality

Vietnam

About us

General information