Information Security Specialist

About Galaxy Pay: 

Vision: Become popular, connected, simple & secure payment platform for businesses and consumers in Vietnam.

Mission: Provide a smart, comprehensive online payment platform for business Apps and Websites of companies in the digital ecosystem.

Connecting customers with the digital ecosystem, creating added value and seamlessly experiences

Product & Services:

• Payment Gateway
• Ewallet
• Payment Services

Resposibilities:

We are seeking an experienced Information Security Specialist with a background in fintech or digital payment systems to support cybersecurity, compliance, and information security operations across the organization:

Policies, Standards, and Compliance:

• Review, develop, and maintain compliance with information security and IT policies, procedures, and regulations.
• Classify information system levels and conduct personal data impact assessments. Develop documentation and conduct information security awareness training for users.
• Participate in implementing and maintaining IT governance and security standards such as ISO 27001, ISO 27701, PCI-DSS, ITIL, and other relevant standards.

System and Application Security:

• Conduct security risk assessments for backend, frontend, mobile applications, and APIs (Internal/Open/Partner APIs).
• Collaborate with development teams to implement secure architecture, secure design, and DevSecOps practices.
• Perform or coordinate internal/external security assessments such as Vulnerability Assessment and Penetration Testing.

Information Security Monitoring and Business Continuity Assurance:

• Monitor, track, collect, and handle information security alerts, threats, and risks from internal and external sources.
• Participate in developing Disaster Recovery Plans (DRP) and Business Continuity Plans (BCP) for critical IT systems.
• Participate in DRP/BCP testing, reporting results, and updating related documentation.

Other Responsibilities:

• Prepare periodic reports on IT system security and safety, and propose recommendations for improvement.
• Perform other tasks assigned by Management and the Board of Directors

• Bachelor’s degree in Information Technology, Information Security, or related fields.
• Minimum of 03 years of relevant working experience.
• Preferred qualifications:
  • International information security certifications such as CEH, Security+, CISSP, OSCP, etc.
  • Experience in finance, banking, payment gateway, or e-wallet industries.
  • Experience in compliance assessment or implementation related to PCI DSS and personal data protection standards such as ISO 27701.
• Knowledge and hands-on experience in securing Cloud platforms such as AWS, Microsoft 365, etc.
• Proactive, detail-oriented, and highly committed to work quality.
• Good English communication skills.
• Strong sense of responsibility and ownership in work.

BENEFITS:

• Attractive income (base salary & performance bonus).
• Devices provided (Laptop, monitor…)
• Health Insurance
• Annual Health Check-up
• Airline ticket promotion
• Frequent team bonding and company activities/ events.
• Work in a newly innovated office and open working space.