IT Security Compliance Officer

Company Description

KMS was established in 2009 as a U.S.-based software development & consulting company with development centers in Vietnam. Over 13 years of operation, we have been trusted globally for the superlative quality of software services, products, technology solutions and engineers' expertise.

• KMS Technology focuses on custom software development and a wide variety of consulting services
• KMS Healthcare specialises in the healthcare industry, provides a unique blend of consultative healthcare technology solutions backed by the power of full lifecycle development support
• KMS Solutions serves the Asia Pacific region, bringing the world's innovative technologies to help organizations achieve their business goals through world-class digital capabilities and fit-for-purpose solutions

Besides providing services, KMS builds and successfully launches its own software companies through its internal startup incubator, KMS Labs. The most notable companies with millions of users worldwide include QASymphony, Kobiton, Katalon, Grove, and Visily.

KMS is committed to providing tangible contributions and long-lasting impacts to the communities through leveraging our IT expertise. The company has also been recognized by prestigious industry awards as a great workplace in Vietnam, Asia, and the U.S. for many years in a row.

Job Description

• Maintain, monitor and improve the Information Security Management System (ISMS)  by following industrial standards like ISO27001, SOC2, HIPAA, etc. 
• Build, maintain, monitor and improve security policies, processes and procedures to  ensure compliance with Client’ security requirements and applicable government legal and  regulations. 
• Develop and improve a security awareness training program through various format to  enhance user awareness for different type of employees. 
• Determine security violations and inefficiencies by conducting periodic internal security  audits to identify potential vulnerabilities related to asset protection, ensure operational  security controls are implemented and maintained properly. 
• Recognize problems by identifying abnormalities, respond immediately to security  incidents, come up with post-incident analysis and reporting security violations. 
• Report non-conformity issues to the management and propose countermeasures for  those issues to renovate the organization and operation of the Company in order to  continuously improve the efficiency of business. 
• Perform more duties be assigned by higher level if needed.

Qualifications

• Minimum of 1+ year of experience in the IT Security compliance in medium or enterprise  level.
• Prefer to working in organization of Technology, Banking, Fintech, Auditing or Internal  control industries. 
• Familiar with industrial standards like ISO 27000 family, SOC2, HIPAA, HITRUST, PCI-DSS.
• Having knowledge of Information and Cyber Security Management is a plus. Demonstrate ability to work independently and as part of a team to achieve team goals.
• Demonstrate good logical thinking and problem-solving skills. 
• Ability to effectively prioritize, take ownership and execute tasks in a high-pressure  environment. 
• Highly motivated, self-directed. 
• Good at English in communication skills including oral and written.

Education/Training Preferred:

• Bachelor’s degree in Computer Science, Auditing, Business Administration and  Operations Management related field or equivalent work experience. 
• Leading Internal Auditor certificate is a plus. 
• Certification of CISA, CISM or other equivalent certificates is an advantage.

Additional Information

Perks You'll Enjoy

• Working in one of the Best Places to Work in Vietnam
• Building large-scale & global software products
• Working & growing with Passionate & Talented Team
• Diverse careers opportunities with IT Solutions & Consulting, Software Outsourcing, Software Product Development, ...
• Attractive Salary and Benefits
• Stock Options of one of the fastest growing companies in Atlanta
• Quarterly and Annual Performance Bonus program
• Performance appraisals every year
• Onsite opportunities: short-term and long-term assignments in North American (U.S, Canada), Europe, Asia.
• Flexible working time
• Various training on hot-trend technologies, best practices and soft skills
• Premium healthcare insurance for you and your loved ones
• Company trip, big annual year-end party every year, team building, etc.
• Fitness & sport activities: football, tennis, table-tennis, badminton, yoga, swimming…
• Joining community development activities: 1% Pledge, charity every quarter, blood donation, public seminars, career orientation talks,…
• Free in-house entertainment facilities (foosball, ping pong, gym…), coffee, and snack (instant noodles, cookies, candies…)

And much more, join us and let yourself explore other fantastic things!