Security Risk & Compliance

The primary role of the Security GRC Specialist is to ensure the proper administration of Information Security and that all potential risks that may affect HSC’s reputation, safety and Information Security are managed properly.

Your role & responsibilities:

  • Conducts Security risk assessments, which involve analyzing risks as well as identifying, describing and estimating the risks that may affect the HSC organization. Identifies IT controls which mitigate risks, and related opportunities for improvement.
  • Participates in the review of investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities.
  • Provides support, education and training to all employees in terms of Security risk awareness within the organization.
  • Is involved in risk assessment and management of the cyber security incident response process, from detection until system restoration and incident closure.
  • Participates and helps in the definition of the IT Security framework and associated IT Security Policies and Procedures.
  • Ensures implementation of approved IT Security policies and compliance by all HSC employees.
  • Performs annual (or as needed) security review in terms of user access, infrastructure capabilities, and further IT security improvements.
  • Conducts audits of IT Operations to ensure compliance with existing IT Security policies and procedures as approved by HSC.
  • Liaises with internal and external auditors, and business partners, in terms of IT Security review, gap assessment and audits.
  • Ensures IT Operational Risks are managed and/or mitigated and that all existing IT security infrastructure is kept abreast of the latest technology and industry standards.

Your skills & qualifications:

Education level

  • At least a Bachelor’s degree in Computer Science, Cyber Security or a related technical field.

Knowledge & Experiences

  • At least 5 years of solid IT experience with actual hands-on work in IT Security Risk Management.
  • Strong knowledge and experience of applicable frameworks and regulatory requirements, formulating and implementing Information Security policies, procedures and guidelines; experience in ISO 27001 and PCI DSS, NIST is a plus.

Technical skills

  • Analytical, evaluative, and problem-solving abilities.
  • Highly self-motivated and directed.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Highly self-motivated, hard-working, sociable and reliable.

Soft skills

  • Keen attention to detail.
  • Good written and oral communication skills.
  • Experience working in a team-oriented, collaborative environment.
  • Good at written and oral Vietnamese and English.


76A Lê Lai, Phường Bến Thành, Quận 1, Thành phố Hồ Chí Minh

Years of experience

5 years


Specialist


Công ty Cổ phần Chứng khoán Thành phố Hồ Chí Minh (HSC)


