Mô tả công việc
Implementing IT Security :
Research / develop / implement technique security standards / guide aligned with international standards (PCIDSS), policy requirements (SBV);
Implement Security projects include but not limited to ISO 27001, Risk Assessment, Security Training, ;
Implementing tasks from IT projects of the Bank, the security improvement projects.
IT risk and compliance frame work and management
Corporate with VPB Risk Division to develop and adopt risk management framework+ Develop IT risk management methodology, plan and conduct risk assessment programs for IT systems;
Corporate with IT functions and other departments to develop and update timely the IT risk & control matrix.
IT Security policy & standards management
Research, develop and implement International security standards and other entity requirements (SBV, PCI-DSS, ISO 27001, ) into bank systems
Co-ordinate with Risk & other IT teams to develop policies, security technical standards, procedures align with VPB IT security requirements
Salary : Negotiable;
Short-term incentive, Year End Bonus (following VPBank policy);
Allowance : lunch allowance 35.0000 VND / day, mobile allowance, Vietnamese holiday allowance ;
Preferential loans (following VPBank policy);
Annual leave : following VPBank policy;
Insurance : Obligatory insurance + VPBank care;
Training benefits : upon your personal needs;
Working hour : from Monday Friday, 2 saturdays morning / month.
Yêu cầu công việc
Major in IT, Academy of Cryptography Techniques / University of Science and Technology or equivalent;
Have at least 5 years of experiences in Information Security field, good knowledge about technologies about security such as Firewall, IDS / IPS, DLP, SIEM, Vunerabilities management, Patch managent, endpoint protection ;
Have good knowleged for : network, OS, web / application, database and other product;
Have good knowleged for system intergrate and architect;
Well-trained about Redhat / CentOS, Debian, Unix, AIX; Windows Be able to use effectively exploit, testing, hacking tools.
Good knowledge about attack / offence techniques;
Good knowledge about international security standards, good oriented on technology, wide understanding about various technologies and services.
Good knowledge about security frameworks : ISO 27001, PCI DSS, ITIL ;
Read, understand security documents in english.
Insurance, Travel opportunities, Incentive bonus, Health checkup, Training & Development, Salary review, Allowances, Uniform, Business Expense, Seniority Allowance, Annual Leave, Sport Club