Benefits For You
Job Description
- Work in a highly innovative and transformative business
- Work/life balance with access to flexible work arrangements
- Salary packaging – to suit your personal and financial circumstances
- Professional certification sponsorship – to develop your talent and enhance knowledge
What will your typical day look like?
Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with other experts in your field? Work for a world-class organisation that provides an exceptional career experience with an inclusive and collaborative culture?
Responsibilities (Associate):
- Deliver cybersecurity and privacy assessment and advisory services such as cyber maturity assessment following NIST CSF, compliance assessment against international standards such as ISO 27001, PCI-DSS, SWIFT, GDPR, etc., and local cybersecurity regulations such as Cybersecurity Law.
- Perform cybersecurity risk assessment and develop control framework to reduce and mitigate identified risks.
- Review client’s cybersecurity-related policy, processes, procedures, control artefacts and documentation.
- Engage in cybersecurity strategy advisory and roadmap development engagements.
- Assist senior members when performing incident response activities.
- Perform security configuration reviews for network and systems in accordance with CIS benchmark, STIG guideline, ISO standards, etc.
- Actively support other team members and deliver work surpassing client’s expectations.
- Continuously research and follow up the latest IT security and privacy challenges and technologies (Mobile, Digital trust, IoT, Cloud, Blockchain etc).
Responsibilities (Senior Associate):
- Deliver cybersecurity and privacy assessment and advisory services such as cyber maturity assessment following NIST CSF, compliance assessment against international standards such as ISO 27001, PCI-DSS, SWIFT, GDPR, etc., and local cybersecurity regulations such as Cybersecurity Law.
- Deliver multiple risk assurance services, including IT security vendor selection, cyber security project management, vulnerability assessment, penetration testing, incident response, threat hunting, SOC 1, 2, 3 (ISAE) assessment.
- Identify cybersecurity risks and design controls tailored to the client’s environment.
- Interview key stakeholders and assess the effectiveness of cyber security design and operations.
- Design and develop cyber security documents including policy, processes, procedures, and guidelines.
- Consult and advise clients on cybersecurity strategy and roadmap.
- Perform security configuration reviews for network and systems in accordance with some good practices/standards.
- Engage in specific types of cyber security advisory and consulting projects related to DevSecOps, DLP, IAM, PAM, cloud security operations, etc.
- Supervise and review the work actively, providing support to other team members.
- Lead team to challenge the status quo, exceeding expectations.
- Work actively in supporting and monitoring the business development area, and in following up proposal processing with client expectations.
- Continuously research and follow up the latest IT security and privacy challenges and technologies (Mobile, Digital trust, IoT, Cloud, Blockchain etc).
Job Requirements
- Knowledge of relevant IT and cybersecurity frameworks and standards (such as NIST, CIS, COBIT, ISO standards, etc.)
- Knowledge of local cybersecurity regulations such as Cybersecurity Law, Circular 09/2020 in Banking industry, etc.
- Knowledge of IT security operations (Firewall/VPN/IDPS), system security review (Windows/Linux) and IT security compliance
- Experience in cybersecurity risk assessment and design and/or operate cybersecurity controls
- Experience in specific cybersecurity processes and technology such as incident response, DevSecOps, DLP, IAM, PAM, etc.
- Background in or knowledge of IT system development (SDLC) methodology and information security management systems (ISMS)
- Good communication and interpersonal skills
- Self-motivation, excellent teamwork, commitment and confidence
- Preferred to hold one of the following industry certifications: OSCP, OSDA, SSCP, CySA+, Security+, Blue Team Level 2 (BTL2), Blue Team Level 1 (BTL1), CCSK, CEH, CHFI, ECIH, CCNP, CCNA, CREST, SANS or equivalent.
- Preferred to hold relevant cloud certifications: AWS, Azure, GCP
Requirements for Senior Associate:
- You will have 3+ years proven experience in IT security operations, system security configuration review, IT security compliance assessment and/or cybersecurity audit.
- Experience in applying IT and cybersecurity frameworks and standards (such as NIST, CIS, COBIT, ISO standards, etc.) in the cybersecurity assessment process.
- Experience in identifying, assessing and reviewing local cybersecurity regulations such as Cybersecurity Law, Circular 09/2020 in Banking industry, etc.
- Experience in cybersecurity risk assessment and design and/or operate cybersecurity controls.
- Experience in IT system development (SDLC) methodology and/or information security management systems (ISMS).
- Experience in operating and/or implementing IT security solutions including Firewall, IDS, IAM, PAM, WAF, DLP, etc.
- Experience in specific cyber security processes and technology such as incident response, DevSecOps, DLP, IAM, PAM, etc.
- Knowledge of enterprise information security architecture.
- Ability to communicate strategic information security topics, policies, and standards as well as risk-related concepts to technical and nontechnical audiences.
- Excellent written and verbal communication skills
- Self-motivation, excellent teamwork, commitment and confidence.
- Preferred to hold one of the following industry certifications: OSCP, OSDA, SSCP, CySA+, CCSK, CEH, CHFI, ECIH, CCNP, CREST, SANS, GIAC or equivalent.
- Preferred to hold relevant cloud certifications: AWS, Azure, GCP.
- Strongly preferred to hold one of the following professional certifications: CISSP, CCSP, CSSLP, CISM, CISA, CRISC, CIA, PMP, ISO 27001 LA or equivalent.