Senior IT Security Specialist


Job description

Task 1: Build, maintain and ensure compliance with the Information Security Management System – ISO27001

  • Develop, maintain and ensure compliance controls, policies and procedures with ISO27001.
  • Evaluate, update, and monitor corrective or mitigation action plans for risks related to information assets, processes, and IT systems.
  • Classify information assets and recommend appropriate actions to ensure the security of information assets.
  • Internal audit and maintenance of ISO27001.

Task 2: Ensure compliance with policies and laws such as copyright, intellectual property, privacy, etc.

Task 3: Attack prevention and penetration testing

  • Propose and implement measures to prevent attacks from outside.
  • Participate in penetration testing and fix system vulnerabilities.

Task 4: Operation & Monitor of information security

  • Prevent the risk of attack and information leakage from inside and outside.
  • Responsible for reacting actions when there is an information leak or attack.
  • Coordinate to build the performance measurement system of the IT system.

Task 5: Report, update, communicate

  • Report and update the situation related to information security.
  • Participate in building and training information security.
  • Monitor security technology trends and targeted attacks, propose appropriate measures and solutions.

Job Requirement

  • Bachelor Degree/ Diploma/ Certificate in IT or related majors.
  • General IT knowledge and in-depth information security.
  • Achieve one of the following certifications: CISSP (Certified Information Systems Security Professional) / CISA (Certified Information System Auditor) / CRISC (Certified in Risk and Information Systems Control) / CISM (Certified Information Security Manager) / ISO 27000 Lead Auditor.
  • Professional certificates: Having one of the following certificate: MCSA/MCSE, CCNA/CCNP, VMWare, .. is an advantage.
  • At least 7 years of experience in IT field and 2 years of experience in a similar position.
  • Experience in implementing and operating ISO27001 system is preferred.
  • Good ability to read and understand English.

Required Job Skills

Communication IT Back-end Front-end Information Security English