IT Governance (Risk/ Compliance)

Support the IT QA & Governance Department at Dai-ichi Life Vietnam to manage the following:

- Information Security Projects and Initiatives

- Ensure that IT DLVN is aligned to Corporate Security Policies, Directives and Operational Guidelines by performing gap analysis that will support in creation of internal projects and initiatives.

- Support adaptation on corporate new or improved directions.

- Periodic review and assessments on internal process alignment to corporate/ regional.

PRINCIPAL ACCOUNTABILITIES:

- To Perform Periodic Review and Assessment of Risks, Deviation from standards and Processes.

- To Aid the department head on Information Security and IT Governance projects and Initiatives.

- To Ensure Compliance to Policies, Directives and Operational Guidelines by performing internal assessments.

- To Assist the division head on adaptation of Corporate and or Regional Guidelines.

- Creation of Local Processes and Procedure in alignment to Corporate Policies and Directives.

- Support IT Security and Governance Manager on other assigned tasks.

- Bachelor or Master degree in Information Technology, Computer Science, Management Information System or equivalent

- Minimum of 3+ years of experience in IT Governance, Risk, Compliance and/or Cybersecurity

- Experience in building and interpreting policies, procedures, and processes for ensuring compliance with cybersecurity policies

- Experience in performing or directly supporting risk assessment, audit project, security assessment (internal and external)

- Strong understanding of security governance, compliance and risk management principles

- Good knowledge and experience of implementing common the information security and risk related frameworks such as ISO27001, NIST CSF, CoBIT, GDPR, PCI DSS

- Good knowledge and/or experience of security technologies such as Endpoint Security, SIEM, PAM, IPS/IDS, MDM, Web proxy, Vulnerability Assessment, Penetration Testing.

- Knowledge of web/mobile application security and/or security incident management is an advantage

- Experience in Project Management, Data Governance/ Analytics is an advantage

- Professional certification such as CISM, CRISC, CISA, CISSP is an advantage

- Proven strong oral and written communication / presentation skills to a broad range of employees

- Enthusiastic about learning and willing to research

- Highly motivated, self-starting individual with ability to multi-task and manage to timelines with limited supervision in a fast paced and agile environment

- Strong interpersonal skills that establish and sustain close working relationships with interpersonal skills that establish and sustain close working relationships with IT departments and other divisions

- High responsibility and enthusiasm, discipline, supportive mindset