SPS Vietnam

Tóm tắt công việc

1. Principal Duties:

• Vietnam InfoSec Lead: Manage all information security aspects in Vietnam, supporting other locations and acting as the internal & customer contact point.
• Global Security Expert: Collaborate with the Global Security team on international initiatives and ensure global/local security policy implementation.
• Security Champion: Report on security projects, incidents, and KPIs, while keeping everyone informed and aligned with global security standards.

2. Responsibilities:

• Good understanding of Information Security norms and regulations, i.e., ISO27001, PCI-DSS, etc.
• Information Security Risk Management experience (threat identification, risk evaluation, mitigation strategies, monitoring and, follow up)
• Evaluation of Information Security control adequacy on projects.
• Stakeholder management experience including reporting to senior management.
• Technical understanding of different technologies, such as, but not limited to cloud and on-premises environment, AV technology, Backup technology, Network architecture, segmentation, etc., virtualization.
• Understanding on Vulnerability Management and the associated Risk mitigation strategies.
• Understanding of Data Loss Prevention technologies.
• Being able to extract actionable information from Penetration Test reports.
• Be able to adapt to technical and non-technical audiences.
• Ability to work under pressure and to tight deadlines.
• To already possess, or to fulfil the qualifications to get SC Clearance.
• Ensured information security posture of SPS Viet Nam is aligning with Swiss Post Group.
• Review the compliance of IT security with company policy & ISMS/ISO 27001.
• Member of Change Advisory Board to give recommendation for other teams when applying the importance change on core switches, firewall, cloud, etc.
• Provide security information and reports, including vulnerability and exploitation news, security patches, and fixes. Support operational teams in implementing fixes/ patches.
• Other duties as assigned by IT Manager & Direct Manager.

** Education:

• University Degree in Computer Science or IT equivalent training.

** Technology skills and experience:

• We foresee the right person for this role has an IT background with at least 4 years of experience in Information Security. Possess a willingness to undertake any challenge presented and have the flexibility to adapt to changing circumstances.
• The person should be ready to work with a diverse team spread across multiple countries and be able to leverage the group’s expertise to provide innovative and pragmatic information security solutions.
• This role requires you to have excellent written and verbal communication skills in English and a hunger to quickly pick up skills in new and exciting areas of IT security.
• ISMS/ISO 27001 Technical implement knowledge is required, PCI DSS is an advantage.
• Incident Management experience.
• Internal and external auditing experience.
• Vendor management experience.

** Soft Skills:

• English communication
• Strong troubleshooting & analyzing
• Customer oriented
• Problem solving
• Negotiation