Regional ISO Engineer

JOB DESCRIPTION

Job Purpose/Role

This role will be a combination of ISO role and PCI role.

The Information Security Officer (ISO) is assigned to Security Assurance Manager. The ISO has overall responsibility for the effective implementation and maintenance of the Information Security Management System (ISMS) within Company. Furthermore, the ISO oversees the fulfilment of Information Security requirements in all services provided by Company as shared service provider to its customers. The scope of ISO covers several Business Units (usually the entire or part of Europe, Americas or APAC regions).

The PCI Compliance Officer is assigned to Security Assurance Manager. The PCI Compliance Officer provides advice on compliance matters related to Payment Cards Industries standards / frameworks. He / she represents Company to industry bodies, monitors and evaluates relevant PCI compliance risks that can affect the business. The scope of PCI Compliance Officer is global for Company Partners related demand.

Key responsibilities/What you do

ISO

Each Information Security Function shall be responsible for oversight of the related ISMS activities, risk identification and assessment, prevention and advice with respect to the Information Security Risk areas: of the local Company and of the services provided by the local Company to its customers.

The function is responsible for the effective implementation of Comapny’s Information Security principles. This includes to promptly report to the IS Function matters which potentially have impact on the Company’s reputation.

In case of conflict of interests, the ISO shall refer a matter to the Security Assurance Manager and ultimately to the Company CISO.

PCI

Define and help manage PCI DSS program

Evaluate compliance against IT security policies, functional rules, controls and Payment Cards Industry standards

Drive a distributed annual subsidiary assessment exercise

Manage vendors that support PCI engagements (scoping, assessments, consultations, etc.)

Manage non-planned PCI-related inquiries and provide/coordinate unified guidance to subsidiary and Amazon service teams

Provide consultancy on PCI requirements, deliver recommendations and risk interpretations in a clear, concise and audiencespecific format.

JOB REQUIREMENT

Bachelor's degree in Computer or higher in related fields.

Recognized Information Security Certifications e.g. CISSP, CISM. CRISC or ISO27001 Lead Auditor preferred

Experience with internal controls, risk assessments, business processes and internal IT control testing or operational auditing

Information Security experience related to risk management controls assurance & compliance programs

Previous experience creating and/or performing review and gap analysis of information security policies and standards against cybersecurity frameworks

Related security control and compliance experience in various frameworks including PCI DSS, PCI PA-DSS, PCI PTS, GLBA, NYDFS, ISO, NIST, etc.

Excellent communication skills, interpersonal, oral, and written in English

WHAT'S ON OFFER

We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad

We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location)

From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered

Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach

CONTACT

PEGASI – IT Recruitment Consultancy | Email: recruit@pegasi.com.vn | Tel: +84 28 3622 8666

We are PEGASI – IT Recruitment Consultancy in Vietnam. If you are looking for new opportunity for your career path, kindly visit our website www.pegasi.com.vn for your reference. Thank you!

Job Summary

Company Type:

Fintech

Technical Skills:

Security

Location:

Others - Thailand

Working Policy:

Salary:

130K – 160K THB

Job ID:

J01245

Status:

Related Job:

Featured Job

(Senior) Embedded Security Engineer – Linux / Android Platforms

Ho Chi Minh, Ha Noi - Viet Nam

Outsource

Security
Embedded

#About the Role We are looking for 10 Senior Embedded Security Engineers to design, implement, and validate end-to-end security solutions on modern embedded platforms. This role is open to candidates from multiple domains, including Automotive, IoT, Mobile Devices, and Embedded Systems. If you have hands-on experience securing Linux / Android-based systems, SoCs, or connected devices, and are interested in working on automotive-grade platforms such as Infotainment (IVI) and ADAS, we strongly encourage you to apply. You will work on modern SoC platforms (e.g. Qualcomm, Renesas, TI, Marvell) running Android Automotive, Linux, QNX, or AUTOSAR-based systems, contributing to secure, scalable, and production-ready embedded solutions.# #Main Responsibilities #Security Architecture & Engineering Design and implement end-to-end security features for embedded platforms, including: Secure Boot, Trusted Execution Environments (TEE), Secure storage, Secure update mechanisms, Secure communication, etc... Contribute to security architecture definition for embedded and connected systems. #Threat Modeling & Reviews Perform security architecture reviews and threat modeling for infotainment, ADAS, IoT, or connected device platforms. Identify risks, define mitigation strategies, and drive security improvements early in the development lifecycle. #Security Implementation & Hardening Implement security hardening for Linux / Android / QNX systems. Conduct secure code reviews and collaborate with development teams to address vulnerabilities. Support integration of access control and system hardening mechanisms (e.g. SELinux, AppArmor). #Testing & Validation Perform security testing and validation, including: Static and dynamic analysis, Fuzzing, Penetration testing Validate security features on real hardware and production-like environments. #Process & Compliance Develop and maintain security requirements and security engineering processes (SEP). Support compliance with relevant security standards and best practices.

Negotiation

View details

Lead/Principal Java Software Engineer

Ho Chi Minh - Viet Nam

Outsource

Java

Provide hands-on leadership to the design, development, and deployment of technical solutions; Collaborate with other technology leaders towards improving and fulfilling the client's technical direction; Evangelizing and promoting Java /JavaScript - Node.js & React.js best practices; Be passionate about Java understanding how to implement advancement for existing or new systems; Lead and conduct training to empower engineers on sufficient programming skills; Design, develop, review, implement, and manage Java application code and services for the production and pre-release environments; Design, develop, review, implement, and manage continuous integration, build management and deployment scripts, systems, and any code as required; Participate in Agile software development, prototyping, and code review with international development teams to build scalable microservices-based products and APIs using Java technologies on AWS or Azure cloud architecture; Understand the requirements of the customer or business and utilize this knowledge to develop applications that are consistent with this; Work with delivery teams to achieve success through development using CI/CD and DevOps practices, processes, and tooling; Provide robust coding practices, solid unit/component test coverage, and debugging code;

Negotiation

View details

Senior Java Software Engineer

Ho Chi Minh - Viet Nam

Outsource

Java

Design, develop, review, implement, and manage Java applications and services for the production and pre-release environments; Design, develop, review, implement, and manage continuous integration, build management and deployment scripts, systems, and any code as required; Participate in Agile software development, prototyping, and code review with international development teams to build scalable microservices-based products and APIs using Java technologies on AWS Cloud architecture; Fully understand the requirements of the customer or business and utilize this knowledge to develop applications that are consistent with this; Work with delivery teams to achieve success through development using CI/CD and DevOps practices, processes, and tooling; Provide robust coding practices, solid unit/component test coverage, and debugging code.

Negotiation

View details