Security Risk & Compliance

The primary role of Security GRC Specialist is to ensure proper administration of Information Security and all potential risks that may affect HSC’s reputation, safety and Information Security are managed properly.

Trách nhiệm công việc:

  • Conducts Security risk assessment, which involves analyzing risks as well as identifying, describing and estimating the risks that may affect HSC organization. Identify IT controls which mitigate risks, and related opportunities for improvement.
  • Participates in the review of investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities.
  • Provides support, education and training of to all employees in terms of Security risk awareness within the organization.
  • Involve in risks assessment and management of cyber security incident response process from detection till system restore and incident closure.
  • Participates and helps in the definition of IT Security framework and associated IT Security Policies and Procedures
  • Ensures implementation of approved IT Security policies and compliance to all HSC employees.
  • Performs annual (or as needed) security review in terms of user access, infrastructure capabilities, and further IT security improvements.
  • Conducts audits of IT Operations to ensure compliance with existing IT Security policies and procedures as approved by HSC.
  • Liaise with internal and external auditors, and business partners in terms IT Security review, gap assessment and audits.
  • Ensures IT Operational Risks are managed and/or mitigated and that all existing IT security infrastructure is abreast with latest technology and industry standards.

Kỹ năng & Chuyên môn:

Education level

  • At least Bachelor’s degree in Computer Science, Cyber Security or a related technical field.

Knowledge & Experiences

  • At least 5 years solid IT experience with actual hands-on in IT Security Risks Management,
  • Strong knowledge and experience of applicable frameworks and regulatory requirements, formulating and implementing Information
  • Security policies and procedures, guidelines, experience in ISO 27001 and PCI DSS, NIST is a plus

Technical skills

  • Analytical, evaluative, and problem-solving abilities.
  • Highly self-motivated and directed;
  • Ability to effectively prioritize and execute tasks in a high-pressure environment;
  • Highly self-motivated, hard-working, sociable and reliable.

Soft skills

  • Keen attention to detailed.
  • Good written and oral communication skills.
  • Experience working in a team-oriented, collaborative environment.
  • Good at written and oral Vietnamese and English.
6 ngày trước

Địa điểm

76A Lê Lai, Phường Bến Thành, Quận 1, Thành phố Hồ Chí Minh

Số năm kinh nghiệm

5 năm

Cấp bậc

Chuyên viên

Loại hình

Kỹ năng

Công ty Cổ phần Chứng khoán Thành phố Hồ Chí Minh (HSC)
Công ty Cổ phần Chứng khoán Thành phố Hồ Chí Minh (HSC)


Địa điểm

76A Lê Lai, Phường Bến Thành, Quận 1, Thành phố Hồ Chí Minh

Quy mô công ty


Ngành nghề

Các công nghệ sử dụng

Quốc tịch công ty