Job description
Task 1: Build, maintain and ensure compliance with the Information Security Management System – ISO27001
- Develop, maintain and ensure compliance controls, policies and procedures with ISO27001.
- Evaluate, update, and monitor corrective or mitigation action plans for risks related to information assets, processes, and IT systems.
- Classify information assets and recommend appropriate actions to ensure the security of information assets.
- Internal audit and maintenance of ISO27001.
Task 2: Ensure compliance with policies and laws such as copyright, intellectual property, privacy, etc.
Task 3: Attack prevention and penetration testing
- Propose and implement measures to prevent attacks from outside.
- Participate in penetration testing and fix system vulnerabilities.
Task 4: Operation & Monitor of information security
- Prevent the risk of attack and information leakage from inside and outside.
- Responsible for reacting actions when there is an information leak or attack.
- Coordinate to build the performance measurement system of the IT system.
Task 5: Report, update, communicate
- Report and update the situation related to information security.
- Participate in building and training information security.
- Monitor security technology trends and targeted attacks, propose appropriate measures and solutions.
Job Requirement
- Bachelor Degree/ Diploma/ Certificate in IT or related majors.
- General IT knowledge and in-depth information security.
- Achieve one of the following certifications: CISSP (Certified Information Systems Security Professional) / CISA (Certified Information System Auditor) / CRISC (Certified in Risk and Information Systems Control) / CISM (Certified Information Security Manager) / ISO 27000 Lead Auditor.
- Professional certificates: Having one of the following certificate: MCSA/MCSE, CCNA/CCNP, VMWare, .. is an advantage.
- At least 7 years of experience in IT field and 2 years of experience in a similar position.
- Experience in implementing and operating ISO27001 system is preferred.
- Good ability to read and understand English.
Required Job Skills
Communication
IT
Back-end
Front-end
Information Security
English