Senior Security Risk Analyst

Báo lỗi

Công Ty Cổ Phần VNG

Lượt xem: 152

Ngày cập nhật: 14-04-2024

Địa điểm: Hồ Chí Minh

Ngành nghề: IT - Phần mềm

Vị trí: Nhân viên

Mức lương: Cạnh tranh

Trình độ: Đại học

Kinh nghiệm: 4 - 10 Năm

Đang tải ...

Mô tả công việc

Responsibility Overview:
Security Risk Management:

  • Coordinate the regular updating and enhancement of VNGs Information Security Management System (ISMS) documentation.
  • Safeguard the compliance of in-scope departments with established ISMS rules and regulations.
  • Create, manage, and update security awareness training programs to promote a culture of safety.
  • Assess and manage vendor profiles in accordance with our third-party risk management framework.
  • Lead periodic Information and Communication Protection (ICP) and Business Continuity Planning (BCP) tests.

Information Security (IS) Processes:

  • Collaborate with team leaders to develop, review, and refine comprehensive information security processes.
  • Supervise and ensure the successful implementation of IS processes across relevant departments.

Universal IS Risk Management:

  • Maintain and annually update VNGs universal IS risk management framework.
  • Ensure the Risk Portal adequately supports key users.
  • Identify, analyze, and implement treatment plans for various security risks.
  • Regularly review and update control effectiveness, non-conformity, and risk reports.

Compliance Management:

  • Assist VNGs products in acquiring IS-related certificates, such as ISO 27001, PCI DSS, etc.
  • Collaborate with technical departments to implement certificates requirements.
  • Support the Leader in implementing data governance and management programs.
  • Conduct regular IT Internal Audits, including planning, executing, and reporting on findings.

Yêu cầu công việc

Qualifications and Skills:
Information Systems:

  • Proven business analysis skills.
  • Understanding of architecture, including systems, network, and data.
  • Proficient in business statistics and its application in data analysis and analytics projects.
  • Demonstrated project management capabilities, with the ability to manage personal tasks and those of associates.

Information Security:

  • Proficient understanding of operating systems, including Linux distributions and Windows.
  • Familiarity with network infrastructure.
  • Previous experience with Python usage.

Governance, Risk, and Compliance (GRC):

  • Understanding of security standards/regulations like PCIDSS, ISO27000 series, etc.
  • Prior experience and ability to define/enhance information systems auditing, monitoring, controlling, and assessment processes.
  • Ability to develop security policies, standards, and guidelines based on best practices and industry standards.

Interpersonal Skills:

  • Proactive and possess critical thinking and problem-solving skills.

Experience:

  • At least 4 years of experience working in Information Systems, Business Analysis, GRC, or IT consulting.

Quyền lợi công việc

  • Laptop
  • Chế độ bảo hiểm
  • Du Lịch
  • Phụ cấp
  • Chế độ thưởng
  • Chăm sóc sức khỏe
  • Đào tạo
  • Tăng lương
  • Công tác phí
  • Phụ cấp thâm niên
  • Nghỉ phép năm
  • CLB thể thao
Đang tải ...

Hạn nộp: 14-05-2024

Bấm để nộp hồ sơ ứng tuyển miễn phí

Nộp hồ sơ

Đang tải ...
Đang tải ...

VIỆC LÀM TƯƠNG TỰ

Đang tải ...
Đang tải ...