IT Security Specialist Asia
1. IT POLICY AND PROCEDURE: Design and implement IT policies, procedures, and controls necessary to ensure and protect information system assets according to Global IT management guideline and Global IT policies
2. IT INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS): Start building and maintenance Information security management system
3. IT AUDIT:
• Identify and analyze the operational risks for IT systems security
• Analyses business needs in the information security area, recommend and give opinions on technical security implementations and solutions
• Internal risk reports/updates monthly
• Gap analysis report
• Internal information risk training program/session
• Ensure prevention of intentional or inadvertent access, modification, disclosure, or destruction.
• Provide guidance and direction both within IT and among users for the physical protection of information systems assets, corporate information, and intellectual property assets.
4. ISO 27001:2013: Internal Project manager in achieving ISO27001:2013 certification
• Pentest for Infrastructure and Service
• Pentest for Business applications & Process
• A bachelor’s degree in Computer Science, Information Systems, or a closely related field is required or an equivalent combination of education and experience.
• Knowledge of network environment to include routing, TCP/IP, Internet technologies, network security/firewalls.
• Knowledge of information security technologies and issues such as security architecture, disaster recovery, encryption standards, industry standards for
network security monitoring and intrusion response, nature and sources of network security threats and methodologies/technical requirements for devising
• Winning, Helping, Leadership, Persuasion power, Decisiveness, Developing a vision
• Excellent Vietnamese & English communication (oral, written, presentation), interpersonal and consultative skills
• This position requires some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled
• Involve in Information security rescue team