IT Security and Compliance Manager

MIRAE ASSET FINANCE COMPANY VIETNAM
Mức lương
Đang cập nhật
Địa điểm làm việc
Quận 1, Hồ Chí Minh
Kinh nghiệm yêu cầu
Cập nhật
Chi tiết tin tuyển dụng

Mô tả công việc

Mirae Asset Finance Company (Vietnam) is a member of Mirae Asset Financial Group, a global financial group from Korea, with 20 years of experience in finance, securities, investment, asset management etc., and is present in 16 countries with 200 offices and branches worldwide.


Being present in Vietnam in 2006 and officially operating in 2011, the Company has been built with the vision of always pursuing an optimal investment management strategy in order to support customers with achieving their long-term goals. In addition, Mirae Asset Finance Company (Vietnam) has made continuous efforts to improve its consumer financial products with a purpose of creating favorable conditions for the customers to effectively, legally and safely access the capital.


Your role & responsibilities

  • Ensuring IT systems and applications within our organization meet the needs of the business while adhering to security best-practices, compliance and regulatory requirements.

  • Develop and implement the identification, assessment and mitigation of information security risks.

  • Develop and issue policies, procedures and guidelines related to information security in line with MAFC’s reality (PCI-DSS, ISO 27001...).

  • Be a contact point for reporting information security compliance to competent authorities.

  • Responsible for the day to day information security operation.

  • Create high quality reports, ready for review by CIO.

  • Identify potentially unwanted behavior and patterns of abuse on the system, and take steps to moderate and restrict this behavior.

  • Conduct the Vulnerability Assessment and Advanced Penetration Testing for: Web Application, Mobile Application, Network, Servers, Workstations.

  • Fight against threats to user safety (such as account takeover, privileged access abuse, fraud, unintentional data leaks etc).

  • Creating phishing campaigns and performing physical social engineering to obtain system and building access as well as to gather critical documents and information.

  • Performing code review: static, dynamic, and manual source code review.

  • Lead Incident Response activity (Identification, Response, Recovery and security incident investigations).

  • Perform security audits driving industry standard benchmarks.

  • Provide security guidance and input to engineering and operational teams during design review and threat modeling.

  • Develop secure coding practices and recommend technical mitigations for development teams.

  • Develop hardening guidelines and review security configurations.

  • Design and implement security patterns, systems, tools, infrastructure and frameworks to protect organization’s intellectual property against all types of threat and adversaries.

  • Secure design, build, assess and operate industry standard data security solutions for cloud hosted and traditional environments.

  • Implement data security controls to ensure a secure production environment.

  • Perform data security risk assessments and provide remediation recommendations.

  • Research and understand external best practices and emerging technologies for possible incorporation into organizational data security practices.

  • Work closely with key business partners, internal technology teams and external vendors to research, deploy and configure technologies and processes that strengthen the defenses of the enterprise.

  • Translate highly technical concepts into business impact and make remediation recommendations.


Your skills & qualifications

  • Bachelor degree in Infosec/Computer Science/Computer Engineering/MIS, or equivalent programs.

  • An expert ability to assess an organization’s attack surface/exposure level.

  • Expertise in Vulnerability Management, Incident Response/SOC, SIEM.

  • Experience in the Security planning, coordinating, executing, and reporting of tasks.

  • Experience performing code and infrastructure design reviews.

  • Experience in cloud security.

  • Experience in DLP solutions is a must.

  • Experience in creating phishing campaigns and performing physical social engineering to obtain system and building access as well as to gather critical documents and information.

  • At least 05 years Cyber Threat Intelligence, Red team and Blue Team Experience.

  • At least 03 years of experience operating security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, SIEM, VPN, DLP, IAM, PAM, database security, etc.

  • Proficiency in Linux, Windows systems engineering/operations.

  • Relevant professional qualifications such as OSCP, OSCE, OSWE, GPEN, GXPN, CHFI would be an advantage.

  • Familiarity with building, deploying, maintaining security controls.

  • Strong familiarity with at least one of the following: OWASP Top 10, PTES, or NSA Vulnerability and Penetration Testing Standards.

  • Knowledge of international standards such as PCI-DSS, ISO 27001, etc.

  • Strong analytical, Logical thinking and problem solving capabilities.

  • Team-work spirit and professional working behavior.

  • Able to research new knowledge and technology.


Mirae Asset Finance Viet Nam aims to build a "Professional - Friendly - Effective" working environment. Our strategic objective is to provide a working place with attractive package, growth opportunity, and sustainable development.


Benefits for you
  • 15 Annual Leaves
  • 13th Salary and pro-Rate and performance bonus
  • Annual healthcare insurance package from senior level and above
  • A week trip to Korea in order to recognize all your good performance and effort
  • Work-life balance 42,5-hr per week from Mon to Fri.

Cập nhật gần nhất lúc: 2024-04-03 11:55:45

Xem thêm
Người tìm việc lưu ý:
Bạn đang xem tin IT Security and Compliance Manager - Mã tin đăng: 4088931. Mọi thông tin liên quan tới tin tuyển dụng này là do người đăng tin đăng tải và chịu trách nhiệm. Chúng tôi luôn cố gắng để có chất lượng thông tin tốt nhất, nhưng chúng tôi không đảm bảo và không chịu trách nhiệm về bất kỳ nội dung nào liên quan tới tin việc làm này. Nếu người tìm việc phát hiện có sai sót hay vấn đề gì xin hãy báo cáo cho chúng tôi

Các tìm kiếm khác liên quan đến công việc It security

MIRAE ASSET FINANCE COMPANY VIETNAM

Quy mô: Cập nhật
Trụ sở: Cập nhật

Thông tin chung

Ngành nghề
IT phần mềm
Cấp bậc
Nhân Viên
Kinh nghiệm yêu cầu
Đang cập nhật
Trình độ yêu cầu
Đang cập nhật
Số lượng cần tuyển
Đang Cập Nhật
Hình thức làm việc
Đang cập nhật
Giới tính
Đang cập nhật
Hạn nộp hồ sơ
19/04/2024
Mẫu CV đẹp

Việc làm đề xuất liên quan

Việc làm đã xem gần đây