Senior Security Compliance Officer
Ho Chi Minh City, Vietnam
KMS TechnologyFind and start your dream jobs at KMS that can fulfill your diverse careers e.g. Software Engineers (Developer), Test Engineers (Tester), Fresher and more.
KMS was established in 2009 as a U.S.-based software development & consulting company with development centers in Vietnam. Over 13 years of operation, we have been trusted globally for the superlative quality of software services, products, technology solutions and engineers' expertise.
- KMS Technology focuses on custom software development and a wide variety of consulting services
- KMS Healthcare specialises in the healthcare industry, provides a unique blend of consultative healthcare technology solutions backed by the power of full lifecycle development support
- KMS Solutions serves the Asia Pacific region, bringing the world's innovative technologies to help organizations achieve their business goals through world-class digital capabilities and fit-for-purpose solutions
Besides providing services, KMS builds and successfully launches its own software companies through its internal startup incubator, KMS Labs. The most notable companies with millions of users worldwide include QASymphony, Kobiton, Katalon, Grove, and Visily.
KMS is committed to providing tangible contributions and long-lasting impacts to the communities through leveraging our IT expertise. The company has also been recognized by prestigious industry awards as a great workplace in Vietnam, Asia, and the U.S. for many years in a row.
- Establish, maintain, monitor and improve the Information Security Management System (ISMS) by following ISO 27000 family, and also meet compliance requirements such as SOC2, HIPAA, PCI-DSS, GDPR, etc.
- Monitor security policies, processes and procedures to ensure compliance with Client’ security requirements and applicable government legal and regulations.
- Develop best practices and security standards; implement security improvements by assessing current situations, evaluating trends and maintaining security controls.
- Determine security violations and inefficiencies by conducting periodic security audits to identify potential vulnerabilities related to asset protection, ensure operational security controls are implemented and maintained properly.
- Report non-conformity issues to the management and propose countermeasures for those issues to renovate the organization and operation of the Company in order to continuously improve the efficiency of business.
- Evaluates security trends, evolvement of threats, vulnerabilities, and performs risk assessment and treatment plan; coordinate with related parties for consulting on remediation.
- Develop and train employees for security awareness with best practices and company regulations/policies.
- Develop and improve business continuity planning and disaster recovery procedures.
- Perform other duties as assigned by higher level.
1. Knowledge and skills:
- 5+ years of working experience within IT Security Compliance function in medium or enterprise level. Prefer to technology, banking, fintech, auditing or internal control firms.
- Have knowledge and experience in building Information Security Management System by following industrial security standards like SOC 2, ISO 27001, PCI DSS, HIPAA, HITRUST etc.
- Have knowledge and experience in auditing activities of internal controls on IT security practices on-premise or cloud-based platforms.
- Demonstrate ability to work independently or as part of a team to achieve team goals.
- Demonstrate good logical thinking and problem-solving skills.
- Ability to effectively prioritize, take ownership and execute tasks in a high-pressure environment.
- Highly motivated, self-directed.
- Good at English in communication skills including oral and written.
2. Education/Training Preferred:
- Bachelor’s degree in Computer Science, Auditing, Business Administration and Operations Management related field or equivalent work experience.
- Lead Internal Auditor certificate is a plus.
- Certification of CISA, CISM or other equivalent certificates is an advantage.
Perks You'll Enjoy
- Working in one of the Best Places to Work in Vietnam
- Building large-scale & global software products
- Working & growing with Passionate & Talented Team
- Diverse careers opportunities with Software Outsourcing, Software Product Development, IT Solutions & Consulting
- Attractive Salary and Benefits
- Two performance appraisals every year and performance bonus
- Onsite opportunities: short-term and long-term assignments in North American (U.S, Canada), Europe, Asia.
- Flexible working time
- Various training on hot-trend technologies, best practices and soft skills
- Premium healthcare insurance for you and your loved ones
- Company trip, big annual year-end party every year, team building, etc.
- Fitness & sport activities: football, tennis, table-tennis, badminton, yoga, swimming…
- Joining community development activities: 1% Pledge, charity every quarter, blood donation, public seminars, career orientation talks,…
- Free in-house entertainment facilities (foosball, ping pong, gym…), coffee, and snack (instant noodles, cookies, candies…)
And much more, join us and let yourself explore other fantastic things!
More jobs like this
Sydney, New South Wales, … Sydney, New South Wales, Australia Full TimeSenior Senior-levelUSD 80K - 100K * USD 80K+ *
Risk & Compliance Analyst - Security GRC (Open to remote across ANZ)Application security Audits Compliance IAM ISO 27001 Jira Nonprofit +6
Fitness / gym Flex hours Parental leave Team events Wellness
Explore more InfoSec/Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Staff Product Security Engineer jobs
- Open IT Security Engineer jobs
- Open Head of Information Security jobs
- Open Senior Security Operations Engineer jobs
- Open Senior SOC Analyst jobs
- Open Security Consultant jobs
- Open Information System Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Lead Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Infrastructure Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open IT Security Analyst jobs
- Open Offensive Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Clearance-related jobs
- Open GCP-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open Network security-related jobs
- Open Risk assessment-related jobs
- Open SaaS-related jobs
- Open Forensics-related jobs
- Open ISO 27001-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Cryptography-related jobs
- Open Threat intelligence-related jobs
- Open CISM-related jobs
- Open Analytics-related jobs
- Open Kubernetes-related jobs
- Open APIs-related jobs
- Open TCP/IP-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open IPS-related jobs
- Open DevSecOps-related jobs