Head of IT Security

JOB DESCRIPTION

Objective

Develops, implements, and maintains an effective information security program to ensure the protection of the our Client's information and computing resources.

Key responsibilities/duties:

lEnsures confidentiality, integrity, and availability of Home credit information and computing systems by managing the planning, implementation, and enhancement of the Bank's Information Security assurance program.

lServes as a project manager or provides project oversight for Information Security related projects.

lManages technically skilled individuals by performing normal management functions of staffing, planning, controlling, and directing; reviewing and evaluating performance; reviewing employment candidates; recommending salary increases and promotions for the Information Security group; and preparing budget for area of supervision.

lAccommodates the Home credit automation objectives and development of Home credit policies on information security by developing strategic, tactical and operational information security plans.

lDevelops and administers internal information security assurance, standards and procedures.

lProvides oversight for all Information Security related incidents and investigations.

lProvides Security Consulting Services Bank Management and Business functions as needed in a manner that is consistent with the risk framework identified by the Home credit System Information Security policy.

lContributes to and participates Home credit Operational Risk Management.

lServes as a central point of contact with staff and Internal Audit department, and external audit functions for consultation on information security issues, controls and compliance .

lOversees the implementation of information security awareness programs for Home credit's staff.

lEnsures that safety rules and regulations are adhered to by personnel in area, and performs job duties and responsibilities in conformance with sound safety practices.

JOB REQUIREMENT

Fluent English and Vietnamese – spoken & written

Bachelor's degree or equivalent experience.

Minimum of five years work experience directly in the information security field.

Minimum of three years management or similar leadership experience.

Excellent risk management, enterprise defense, consulting and external "threat awareness" competencies.

Strong knowledge of various automated security control systems, encryption, message authentication, vulnerability assessment, intrusion detection, penetration testing, incident response, and manual control procedures.

Working knowledge of security systems associated with computing platforms, networking, operating systems and applications.

Strong knowledge, experience or understanding of security policy or control frameworks and risk assessment tools.

Possesses conflict resolution and values of openness, honesty and respect.

Very strong analytical, planning, problem solving, organizational, project management skills and the ability to multi-task well.

Very strong interpersonal, oral and written communication skills, including the ability to communicate with all levels of organization and European HQ.

Ability to understand and manage complex technical and security problems that require attention to detail, timely resolution and a high degree of discretion.

Nice to have:

Experience with regulation of financial industry in Vietnam preferred.

CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager) or similar Information Security certifications preferred.

WHAT'S ON OFFER

Monthly allowance (600k)

13th-month Salary and performance- based KPI Bonus (1-3 months)

15+ Annual Leaves

Flexible time, Work-from-home policies

Full Social Insurance, 24/7 Accidental Insurance, Annual Medical Check- up,Premium PTI 24/7

Team Building and CSR activities: Year- end Party, New-year Party, Company trip, Charity activities, Blood donation

Learning workshops: Free Udemy E-learning, English courses, Senior management development training programs

CONTACT

PEGASI – IT Recruitment Consultancy | Email: recruit@pegasi.com.vn | Tel: +84 28 3622 8666

We are PEGASI – IT Recruitment Consultancy in Vietnam. If you are looking for new opportunity for your career path, kindly visit our website www.pegasi.com.vn for your reference. Thank you!

Job Summary

Company Type:

Product

Technical Skills:

Security

Location:

Ho Chi Minh - Viet Nam

Working Policy:

Job ID:

J01048

Status:

Related Job:

Head of Product Delivery and Operations (Transformation & Orchestration)

Ho Chi Minh, Ha Noi - Viet Nam

Product

Lead and develop five chapters: Data Risk Management, Business Analysis, Product Chapter, PMO, and Product Monitoring, setting clear performance expectations and fostering a culture of quality and continuous improvement Manage the triage, impact assessment, communication, and resolution of data quality incidents, ensuring appropriate governance, escalation, and stakeholder notification Ensure Financial Crime products maintain ongoing compliance with regulatory obligations, design standards, and agreed operational parameters Provide product support partnering with Australian and India-based product teams to plan, test, and deliver high-quality incremental change Ensure the BA chapter delivers structured requirements, well-formed user stories, and adequate test coverage across all change activities Monitor and report on Financial Crime product performance and AI model health, translating data into clear insights and risk signals Represent the Vietnam team in governance forums and performance reviews with Australian leadership, providing transparent reporting on team output and service levels Partner with Australian product, risk, and operations leads to align Vietnam team priorities with broader transformation objectives

Negotiation

View details

Head of Divisional Controls

Ho Chi Minh - Viet Nam

Product

A Senior Technology Risk leadership background to work with the business stakeholders and the technology Risk teams includes identifying, assessing, and managing technology risks across infrastructure, applications, cloud, data, cybersecurity, third party services, and emerging technologies and able to understand the business needs This role is responsible for working proactively in a team supporting the Company in its execution of risk management accountabilities and responsibilities. The tasks or activities for which this role is responsible each day are set out in Group policies, standards and guidance notes and revolve around technical, operational and compliance event management, change risk management, remediation/response, risk and obligation profiling. Advising business leaders on the application of the risk and compliance management framework to evaluate risks in order to achieve business outcomes. Engaging and managing senior stakeholders to implement and improve business systems and processes through the use/integration of the risk and compliance framework. Working with the business to implement systems and controls to manage the requirements of risk and compliance policies which apply to the business. Risk profiling: assisting to identify key risks and design of indicators to monitor, input into Divisional Risk Setting Statements as relevant. Designing controls: assisting to identify the right key controls to mitigate key risks and obligations applicable to the business in partnership with specialist controls team. Providing guidance on risk and control items including Subject Matter Expertise for the following: Risks, Obligations Events, Change, and related Policies; Remediation action plans to address any control design or operating effectiveness gaps; Requisitions on Management attestations, ensuring evidence is consolidated at a Sub-Divisional level; Relevant Risk Management Forums and/or other risk related committees as required. Engaging the relevant Enterprise Controls communities for expert assistance as appropriate. Providing business specific input and context to: Risk deep dive reviews; Internal Audit reviews; Assurance reports; Action plans for ineffective operational controls. Uplifting risk management maturity, culture and practices. Assisting in regulatory responses and regulatory engagement matters. Providing strategic guidance to the team on scope and approach for testing of controls Assisting in regulatory responses and regulatory engagement matters

Negotiation

View details

Head of Technology Delivery

Ho Chi Minh - Viet Nam

Product

Provide technical program leadership across large-scale, high-value initiatives with complex dependencies, significant investment, and extended delivery timeframes, operating across multiple lines of business and geographies. Accountable for end-to-end delivery of portfolios and programs, including delivery and financial governance, quality and controls, stakeholder engagement, resource management, and benefits realisation. Lead and coordinate global teams to deliver significant business and technology transformation, while providing direct and second-line people leadership, including capability, capacity, and talent management. Coach and develop leaders and teams, role-modelling Who We Are, PEAK, and Distinctive Leadership behaviours, and embedding a consistent, standardised delivery model through continuous improvement. Collaborate with the Delivery Excellence Team to build capability and drive a consistent, standardised delivery model across the group, driving continuous improvement.

Negotiation

View details