Salary: Negotiable
Position: Team Leader
Experience: No experience
Employment type: Full-time, permanent
Degree requirement: None
Gender requirement: None
IT - Software
IT - Hardware/Networking
Job description
* Overall responsibility for risk and compliance within the area of IT, and support for IT governance.
* Performs long-range planning of associated governance, risk and compliance programs.
* Coordinates all changes to assigned systems with all other systems of the company and with all personnel affected.
* Responsible for mitigating the risk from user misuse.
* Works with other managers to coordinate goals of the Department.
* Supports developing, implementing and maintaining the IT governance framework and risk assessment.
* Overall responsibility for internal and external audits in IT, as well as CAP follow-up.
For this position, the minimum duties are as follows:
• IT risk management:
* Responsible for identifying improvements and breakdowns in IT.
* Governance elements with significant business impact, fed into the IT risk management function.
* Business continuity plan to limit risk.
* Conducting policy and compliance audits, which will include liaising with internal and external auditors.
• IT compliance and audit management:
* Focus on managing and reporting activities that do not comply with standard processes.
* Plan to mitigate the risk arising from violations.
* In charge of change management.
* Responsible for assessing systems for compliance with cybersecurity controls and releasing the remediation plan. Ensure that remediation activities comply with all relevant legislation and company security policies.
* Internal and external audit liaison.
• IT governance:
* Support in IT governance and IT process governance frameworks.
* Responsible for IT policy creation, review, update, awareness and monitoring.
* IT process analysis and improvement.
* Administration of key IT processes following the ITIL standard.
Job requirements
1. Educational Level:
* University degree or equivalent certified education and experience.
* Lead Auditor in one of 27001, NIST, COBIT.
2. Work Experience
* More than 5 years’ experience in IT compliance and internal audit.
* Experience with GRC tools and with establishing ISO 27000 series, NIST, COBIT.
* Security credentials: 27001 Lead Auditor, NIST Lead Auditor, CGEIT, CISA, CISM (preferred).
* Experience with manufacturing IT systems.
3. Specialty/Qualification Skills
* Fluent verbal and written English; interpersonal and communication skills.
* In-depth knowledge of all aspects of governance, risk and compliance programs including ISO 27001, NIST 800-171, GDPR…
* Good working experience with ISO 27000 Series, COBIT, and ITIL.
* The ability to be flexible with others, to display tact and diplomacy, and to maintain a high degree of confidentiality and integrity
* Strong ability to handle multiple projects at the same time
* Ability to solve complex problems.
* Common: Achievement orientation; Interpersonal; Negotiation; Developing others.
* In particular: Challenge; Professional skill, Knowledge; Decision-making, Judgment; Planning, Creativity; Leadership