IT Governance Prof Senior
Ho Chi Minh City, VN
RHI Magnesita
As a Global InfoSec GRC Specialist, you will play a pivotal role in defining, implementing, and managing the governance, risk management, and compliance strategies for our organization's information security across all international operations. User awareness & training is another integral part of the position.
You will ensure that our information security measures are aligned with business objectives, industry standards, and regulatory requirements worldwide. This role requires a deep understanding of information security principles, global regulatory landscapes, and risk management practices.
Key Responsibilities:
- Develop and maintain global information security policies, standards, and guidelines in accordance with industry best practices and regulatory requirements.
- Conduct regular risk assessments to identify, assess, and prioritize information security risks across the organization.
- Implement and manage an effective information security governance framework that aligns with business goals and global regulatory environments.
- Collaborate with various departments to ensure information security compliance across all business processes and technology systems.
- Monitor and report on compliance with information security policies and standards, as well as compliance with external regulations.
- Coordinate with internal and external auditors to facilitate information security audits and ensure the resolution of audit findings.
- Provide guidance and support for information security awareness and training programs.
- Stay informed of emerging information security threats, technologies, and global regulatory changes that may impact the organization.
- Support the development and implementation of incident response plans and procedures to handle security breaches or violations.
- Advise on information security implications of new business initiatives or technology projects, ensuring that security is integrated from inception.
Qualifications:
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field, or similar experience.
- Professional certifications such as CISSP, CISM, CISA, CRISC, or equivalent are highly desirable.
- Minimum of 5 years of experience in information security, with at least 2 years focused on GRC in a global context.
- Deep understanding of global information security standards and frameworks (e.g., ISO 27001, NIST, GDPR, LGPD).
- Experience with risk assessment methodologies and tools (e.g., Eramba).
- Strong knowledge of global regulatory requirements and their implications for information security.
- Excellent analytical, problem-solving, and decision-making skills.
- Strong communication and interpersonal skills, with the ability to effectively communicate complex information security concepts to both technical and non-technical stakeholders.
- Fluent in English; proficiency in Mandarin.
Working Conditions:
- This role may require occasional international travel.
- Flexible working hours to accommodate global time zones may be necessary.
- Hybrid work environment.
Tags: Audits CISA CISM CISSP Compliance Computer Science CRISC GDPR Governance Incident response ISO 27001 NIST Risk assessment Risk management
Perks/benefits: Flex hours