Information Risk Management Senior Specialist
Manulife
- Tp Hồ Chí Minh
- Lâu dài
- Toàn thời gian
- Main point of contact from Vietnam Information Services for internal and external audits and assessments. Coordinate audit activities with Information Services teams and ensure the timely reporting and remediation of audit findings.
- Country response unit for information security incidents. Liaise with Security Operation Centers, Global Incident Response, and other country stakeholders to ensure security incidents are appropriately resolved and reported.
- Coordinate country local security activities, including but not limited to application security scanning and penetration test, logical access reviews, information risk awareness and readiness for the Business Units.
- Supports ongoing management of application security vulnerabilities through a centralized vulnerability tracking system and defect tracking system.
- Support ITCG Lead to oversee the participation of Information Services in the company Business Continuity Management program. Work with Information Services teams and Application owners to conduct Disaster Recovery exercises for business applications.
- Drives execution of the IT Risk and Controls Self Assessment Program (RCSA) processes for applications, infrastructure, and processes.
- Assists in the development of application security components throughout all stages of the Software Development Life Cycle (SDLC). Participate in the Change Advisory Board to ensure security governance over system changes.
- Assist to prepare management reports for local risk profiles and appetites, IRM performance metrics, risk exposures, open IRM issues and corrective action plans.
- Assist ITCG Lead in providing advisory and security recommendations to Vietnam Information Services and Business units. Ensure compliance with the requirements from IRM policies and guidelines throughout projects delivery.
- Assist ITCG Lead to perform and validate Information and Vendor Risk Assessment, participate in due diligence on vendor selection process, identify potential risk and provide guidance of risk mitigation and acceptance process.
- Supports policy maker in the development, implementation, and maintenance of cybersecurity governance frameworks, policies, and procedures aligned with industry standards and local and international regulatory requirements.
- Other IRM tasks as assigned by ITCG Lead.
- You obsess about customers, listen, engage, and act for their benefit
- You think big, with curiosity to discover ways to use your agile mindset and enable business outcomes
- You thrive in teams, and enjoy getting things done together
- You take ownership and build solutions, focusing on what matters
- You do what is right, work with integrity and speak up
- You share your humanity, helping us build a diverse and inclusive work environment for everyone
- You obsess about customers, listen, engage and act for their benefit.
- You think big, with curiosity to discover ways to use your agile approach and enable business outcomes.
- You thrive in teams and enjoy getting things done together.
- You take ownership and build solutions, focusing on what matters.
- You do what is right, work with integrity and speak up.
- You share your humanity, helping us build a diverse and inclusive work environment for everyone.
- University graduate with minimum 3 years solid experience in IT governance and IT Security Management gained in financial industry preferable.
- Experience in information risk, IT audit and compliance.
- Hold on security certificate is a plus.
- Auditing / Consulting background is a plus
- Proficient in English, spoken and written.
- Having high integrity and professional work practice.
- Appreciation of peoples and cultures of different countries.
- Good analytical, teamwork capability and able to work independently.
- Good interpersonal communication, management and presentation skills.
- Good audit skills and techniques
- A competitive salary and benefits packages.
- A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.
- A focus on growing your career path with us.
- Flexible work policies and strong work-life balance.
- Professional development and leadership opportunities.
- Values-first culture We lead with our Values every day and bring them to life together.
- Boundless opportunity We create opportunities to learn and grow at every stage of your career.
- Continuous innovation We invite you to help redefine the future of financial services.
- Delivering the promise of Diversity, Equity and Inclusion We foster an inclusive workplace where everyone thrives.
- Championing Corporate Citizenship We build a business that benefits all stakeholders and has a positive social and environmental impact.