Purpose of Role:
Ensure PIPO VN IT/IS achieves and maintains compliance with SBV requirements, and act as liaison between PIPO global team and VN regulators for IT/IS audits.
Job description:
Responsibilities:
Regular CIO consulting service: 1 day per week for 1 year; Respond to SBV inquiries; Provide consulting service on VN data compliance obligations
Language: English (Fluent is a must); Chinese is a plus.
SBV onsite audit support: 2 days per week of 2 months; Review and revise the audit preparation documents; Identify compliance gaps and risks of the audit readiness; Present audit packages to SBV during onsite inspection
Knowledge and Skills
Excellent analytical and problem- solving skills with a proven ability to achieve targets autonomously. The candidate should demonstrate self- motivation and the ability to work independently under pressure while handling complex IT challenges.
Ability to manage risks in ambiguous and complex situations
Demonstrated teamwork and collaboration skills, in particular, contributing to global and cross- functional teams
Highly motivated to contribute and grow within a complex area of emerging importance
Excellent communication skills (verbal and written), ability to influence. Able to communicate technical concepts to a broad range of technical and non- technical staff. • Strong capability to manage risks in ambiguous and complex situations without direct oversight. The candidate needs to demonstrate a proactive approach to identifying potential challenges and devising strategic solutions independently.
Strong understanding of:
Industry standard frameworks (including PCI DSS, ISO 27001)
A strong understanding of the Vietnamese digital landscape, including local market trends, customer expectations, and challenges faced in cybersecurity and data privacy.
Operating and maintaining tools across a range of security domains
Comprehensive understanding of and compliance with local cybersecurity and data protection regulations, including the Vietnam Data Law, Personal Information Protection, Cybersecurity Law and relevant requirements set forth by the regulators
Requirements:
8- 10 years of applicable experience designing, deploying and managing a range of IT infrastructure, including: Cloud architecture, application stack including CloudNative, Microservices, Kubernetes, AWS, GCP, or OCI
Demonstrated ability to quickly assimilate new knowledge and remain current on new developments in cybersecurity capabilities and industry knowledge
High degree of integrity and trustworthiness and the ability to lead and inspire change
Strong Leadership, Communication and Project Management skills
In- depth experience in the following:
Product management and support
Database management and administration
Microservice architecture
Disk, file, device, and database encryption
Vulnerability management
Logging, monitoring, and security event management
Change management
Preferred skills/qualifications:
Familiarity with source code management tools (e.g., Github, Bitbucket)
Familiarity with identifying potential opportunities to Automate and optimize IT controls
Experience in deploying and managing standard certification frameworks (including PCI DSS, ISO 27001)
In- depth experience in Data Security, Privacy, and Protection, ideally in a FinTech or payment- related industry
Familiarity with securing data across multiple database technologies (e.g., MySQL, Redis, Hive)
Familiarity with securing data across SaaS and IaaS cloud platforms (e.g., AWS, Google Cloud Platform)
Experience using one or more programming/scripting languages (e.g., Python, Go, Java, etc.)
Previously approved as an Authorised Officer by the Central Bank of VN or by any ther supervisory authority of the financial sector.
Be able to handle ambiguity and collaborate with a global team
Be comfortable communicating with business executives and technical teams.
