Implementing, coordinating, and continuously improving the local information security management system (ISMS) based on the ISMS country project plans
Coordinate, create and revise the security policies and related sub-concepts based on the context of the country or country region
Implementation of measures
Planning and coordinating the implementation of information security measures in close alignment with management level and key stakeholders such as e.g., HQ-ISMT (Information Security Management Team), IT Department, central Data Protection Team, and Digitalization Partner, local Security Risk Management Officer (SRMO) and projects
Support in the implementation and coordination of security-relevant processes
Monitor the effectiveness of the information security program and make recommendations for improvements to the departments of the country office
Support and maintain incident management
Advising and reporting to management
Reporting on the local information security management system (ISMS) performance to local management level and HQ/ Chief Information Security Officer (CISO)
Reporting of security risks and issues to local management and HQ/CISO
Advising the local management and HQ/CISO how audit findings should be implemented
Internal audits and support on external audits
Develop an internal audit plan based on the audit program from HQ/ISMT
Support and conduct internal audits for the implementation of applicable security control objectives
Prepare and support the continuous improvement through the certification and surveillance audit
Contact person for all internal and external non-conformities in audits
Awareness and central contact person
Provide guidance and support to employees on information security best practices
Initiation and implementation of awareness-raising measures for information security in consultation with various stakeholders (such as IT professionals and local digitization partners)
Close interaction and communication to Headquarter ISM-Operations and relevant stakeholders
Job Requirement
At least 5 years of experience working in the field of information security, setting up and/or operating an ISMS
Knowledge and experience in information security with methodological competences in ISO/IEC 27001 and related standards, risk management, vulnerability management and audit are required
Basic knowledge of IT – management systems will be an asset
Excellent communication skills in English and the ability to network with key stakeholders and to work in a team are key requirements for this position
The ability to interpret standard ISO requirements for the local context and propose practical implementation measures is highly relevant for this role
Being pro-active, having a commitment to life-long learning and staying up to date with security and threat-related trends by attending necessary further training is required
Independence, credibility, impartiality, and unconditional discretion is essential for the job
Frequent travels between Viet Nam and Laos is required for this regional role
GIZ is committed to create an appreciative work environment, irrespective of age, ethnic background and nationality, gender and gender identity, physical and mental abilities, religion and worldview, sexual orientation and social background. We ensure human resource processes live up to the diverse competencies and talents of all employees, as well as satisfy our performance expectations.
What we can offer to the successful candidates:
· Good working environment
· Competitive compensation and benefit packages such as contribution of all compulsory insurances, providing with the additional health care, the annual health check-up and the 24-hours accident insurance.
· Covering all travel expenses with travel allowances when traveling on business
· And good policy on training and development
· And policy on flexible working time
Interested qualified candidates are invited to send the GIZ Application Form in English, copies of relevant certificates and references, either by email or by post (to GIZ Office Hanoi, 6th Floor Hanoi Towers, 49 Hai Ba Trung Street, Hanoi, Vietnam) before 21st November 2024.