Senior IT Security Specialist

Job description

Task 1: Build, maintain and ensure compliance with the Information Security Management System – ISO27001

Develop, maintain and ensure compliance controls, policies and procedures with ISO27001.
Evaluate, update, and monitor corrective or mitigation action plans for risks related to information assets, processes, and IT systems.
Classify information assets and recommend appropriate actions to ensure the security of information assets.
Internal audit and maintenance of ISO27001.

Task 2: Ensure compliance with policies and laws such as copyright, intellectual property, privacy, etc.

Task 3: Attack prevention and penetration testing

Task 4: Operation & Monitor of information security

Task 5: Report, update, communicate

Report and update the situation related to information security.
Participate in building and training information security.
Monitor security technology trends and targeted attacks, propose appropriate measures and solutions.

Bachelor Degree/ Diploma/ Certificate in IT or related majors.
General IT knowledge and in-depth information security.
Achieve one of the following certifications: CISSP (Certified Information Systems Security Professional) / CISA (Certified Information System Auditor) / CRISC (Certified in Risk and Information Systems Control) / CISM (Certified Information Security Manager) / ISO 27000 Lead Auditor.
Professional certificates: Having one of the following certificate: MCSA/MCSE, CCNA/CCNP, VMWare, .. is an advantage.
At least 7 years of experience in IT field and 2 years of experience in a similar position.
Experience in implementing and operating ISO27001 system is preferred.
Good ability to read and understand English.