Senior IT Security Officer (Gorvernance - Risk - Compliance)

1. IT risk and compliance frame work and management
- Develop IT risk management methodology, plan and conduct risk assessment programs for IT systems
- Corporate with IT functions and other departments to develop and update timely the IT risk & control matrix
IT Security standards management
- Research, develop and implement International security standards and other entity requirements (SBV, PCI-DSS …) into company systems.
- Research and development, implement standards and policies to comply with PDPD 13.
- Co-ordinate with other IT teams to develop technical policies, standards, procedures align with LOTTE FINANCE IT security requirements

2. Reporting and administration
- Control for implementation of IT Security strategy and plans of IT Security
- Control approve the request/changes related to security, control activities of IT security: implementing, operating, vulnerabilities management
- Build up key indicator to monitor and improve IT Security services like SLA, KRI, RPO, RTO, …
- Work with both internal/external audit during audit programs
- Training IT security awareness
- Collect, analysis, buidlup report for IT Security
- Do others jobs assigned by Manager/Director

1. Bachelor or higher degree in Information Technology (HUT, ACT, VNU are preferred)
2. 3 years or more of working experience in IT security banking, good knowledge in international IT security standards (ISO 270001, PCI-DSS,…), ITIL best practices
3. Have good knowledge in network security, system security, application security and virus/malwares
4. Have good knowledge in pentest with OWSAP Standard and ability discovery & exploit vulnerabilities, cyber attack
5. Experienced in implementing ISO27001/PCI-DSS or data privacy is preferred
6. Have good knowledge in security architect, security technology, integration is preferred