1 - 5
- Cấp bậc
- Hết hạn nộp
- Chế độ bảo hiểm
- Du Lịch
- Phụ cấp
- Chế độ thưởng
- Chăm sóc sức khỏe
- Đào tạo
- Tăng lương
- Nghỉ phép năm
- CLB thể thao
Mô tả Công việc
Security Risk Management:
- Coordinate the regular updating and enhancement of VNG's Information Security Management System (ISMS) documentation.
- Safeguard the compliance of in-scope departments with established ISMS rules and regulations.
- Create, manage, and update security awareness training programs to promote a culture of safety.
- Assess and manage vendor profiles in accordance with our third-party risk management framework.
- Lead periodic Information and Communication Protection (ICP) and Business Continuity Planning (BCP) tests.
Information Security (IS) Processes:
- Collaborate with team leaders to develop, review, and refine comprehensive information security processes.
- Supervise and ensure the successful implementation of IS processes across relevant departments.
Universal IS Risk Management:
- Maintain and annually update VNG's universal IS risk management framework.
- Ensure the Risk Portal adequately supports key users.
- Identify, analyze, and implement treatment plans for various security risks.
- Regularly review and update control effectiveness, non-conformity, and risk reports.
- Assist VNG's products in acquiring IS-related certificates, such as ISO 27001, PCI DSS, etc.
- Collaborate with technical departments to implement certificates' requirements.
- Support the Leader in implementing data governance and management programs.
- Conduct regular IT Internal Audits, including planning, executing, and reporting on findings.
Yêu Cầu Công Việc
Qualifications and Skills:
- Proven business analysis skills.
- Understanding of architecture, including systems, network, and data.
- Proficient in business statistics and its application in data analysis and analytics projects.
- Demonstrated project management capabilities, with the ability to manage personal tasks and those of associates.
- Proficient understanding of operating systems, including Linux distributions and Windows.
- Familiarity with network infrastructure.
- Previous experience with Python usage.
Governance, Risk, and Compliance (GRC):
- Understanding of security standards/regulations like PCIDSS, ISO27000 series, etc.
- Prior experience and ability to define/enhance information systems auditing, monitoring, controlling, and assessment processes.
- Ability to develop security policies, standards, and guidelines based on best practices and industry standards.
- Proactive and possess critical thinking and problem-solving skills.
- At least 4 years of experience working in Information Systems, Business Analysis, GRC, or IT consulting.
Thông tin khác
- Bằng cấp:
- Độ tuổi:
Không giới hạn tuổi