Senior Manager Technology Assurance

JOB DESCRIPTION

PURPOSE
Lead the overall technical assurance definition and execution of the Technology Assurance framework and programs that guide, monitor, evaluate and report on the efficiency of the internal controls related to technology.
Be the subject matter and provide expertise level guidance on compliance requirements related to technology for control/process documentation, testing and issue management.
Lead and drive the collaboration with Group InfoSec Governance to effectively assess the critical and key gaps against standards, as well as international and local regulatory requirements related to technology.
Lead and manage the Technology assessment at an expert level and evaluate and advise the overall design and effectiveness of all key technology controls throughout the business cycle.
KEY ACCOUNTABILITIES
Contribute and support the Head of Technology Assurance & Information Security Governance in defining, developing andmaintaining technology assurance framework in all the Company's markets in accordance with the Group Technology Roadmap.
Work closely with senior management of business units and within Group Technology through tracking and reporting function, to ensure regular updates to management on the Technology Assurance programs.
Be accountable for the planning, managemen tand execution of the day-to-day activities of Technology related audit engagements.
Ensure system and control owners are identified; and coordinate with owners to support technology assurance and assessment activities.
Collaborate with key technology, business, risk, audit and compliance teams to identify, evaluate and address critical technology related risks.
Proactively research industry trends anddefine, influence and implement appropriate and practical technology related KRIs, metrics and solutions to create and enhance process efficiency and address key risks.
Define, oversee and ensure all test scenarios for effectiveness of the internal controls and provide guidance to remediate the deficiencies/ weaknesses.
Ensure the Company readiness for IT Security Internal/External audits.
Advise BUs on Technology risk assessment.
KEY PERFORMANCE INDICATORS
Guide the Company's markets in adoption of the technology assurance framework.
Working on a group level work with all stakeholder to gather and organise and deliver key business requirements.
Ensure the accuracy and consistency of the technology assurance program.
Meet the objectives of the program within the defined timelines.
Improve the visibility of technology controls, risks and vulnerabilities.
Ensure Technology controls are compliant against required standards/ benchmarks and best practices.
Ensure timely implementation of recommendations for remediating the weaknesses/deficiencies.
Keep pace with changes in technologies in support of IT/Security compliance programs.
Doing things right, creating synergies for the overall the Company's goals and objectives, along with a people first approach.
EXTERNAL & INTERNAL CONTACTS
Group Head of Information Security Governance and tech assurance
Group IT and IT Security Teams
Business Units Technology Teams
Internal Audit
External Auditors
Vendors and/or Service Providers
Group operational risk
Group legal and Compliance

JOB REQUIREMENT

QUALIFICATIONS / EXPERIENCE
Minimum 6-8 years of experience in IT Audit and Risk Assessment.
Degree from Information Technology or equivalent discipline
One of industry recognized certification such as CGEIT, CISSP, CISM, CISA, ISO 27001, CRISC, PCI DSS etc.
KNOWLEDGE & TECHNICAL SKILLS
Excellent stakeholder management and communication skills.
Project delivering experience
Solid understanding of current and emerging technologies.
Understanding of IT SOX and other IT/IS frameworks and best practices such as COSO, COBIT, ITIL, ISO 27001, SOC 2, 3, etc.
Good knowledge of privacy regulations and data protection.
Detailed oriented and able to work under pressure and accustomed to work under tight deadlines.
Team-oriented, collaborative, diplomatic andflexible.
Strong written and verbal communication skills, strong interpersonal skills and the ability to communicate effectively across business units.

WHAT'S ON OFFER

13th salary
Bonus paid in April next year if joining before Oct 2024
Paid leave up to 22 days per year (prorated for partially joining)
Work remote 1 day per week
Health insurance for employees and direct dependents

CONTACT

PEGASI – IT Recruitment Consultancy | Email: recruit@pegasi.com.vn | Tel: +84 28 3622 8666
We are PEGASI – IT Recruitment Consultancy in Vietnam. If you are looking for new opportunity for your career path, kindly visit our website www.pegasi.com.vn for your reference. Thank you!

Job Summary

Company Type:

insurance, Hongkong company

Technical Skills:

Security

Location:

Ho Chi Minh - Viet Nam

Working Policy:

Salary:

Negotiation

Job ID:

J01573

Status:

Close

Related Job:

Penetration Tester

Ha Noi - Viet Nam

Product

  • Pentest

Tham gia triển khai dịch vụ pentest cho khách hàng: tiếp nhận yêu cầu, xác định phạm vi và điều kiện đảm bảo của các dự án pentest được giao. Phân chia công việc theo quy trình pentest và giao cho các thành viên thực hiện dự án. Hướng dẫn các pentester thực hiện kiểm tra đánh giá ATTT cho ứng dụng. Kiểm soát chất lượng dịch vụ, tuân thủ quy trình, nguồn lực và thời gian triển khai cho các dự án được giao. Là đầu mối kỹ thuật, làm việc với các bộ phận nội bộ và Khách hàng để phối hợp giải quyết các vấn đề trong phạm vi cung cấp dịch vụ. Nghiên cứu cải tiến quy trình, checklist và các kỹ thuật mới nhằm nâng cao chất lượng dịch vụ và năng suất lao động, giảm tỉ lệ sót lỗi. Đảm bảo SLA theo hợp đồng đã ký với Khách hàng.

Negotiation

View details

SOC Management Specialist

Ho Chi Minh, Ha Noi - Viet Nam

Product

  • Security
  • System
  • Network

Quản lý và kiểm soát chất lượng dịch vụ: Đảm bảo chất lượng các dịch vụ an toàn thông tin (ATTT) cung cấp cho nhóm khách hàng của công ty, bao gồm: Giám sát ATTT 24/7, Xử lý sự cố, Threat Hunting, Threat Intelligence, ... Quản lý mức độ trưởng thành ATTT: Thực hiện đánh giá, tư vấn và đề xuất giải pháp nhằm nâng cao mức độ trưởng thành về ATTT cho khách hàng. Quản lý rủi ro và mối đe dọa ATTT: Theo dõi, phân tích và quản lý rủi ro ATTT cũng như tiếp xúc liên tục với các mối đe dọa đối với hệ thống của khách hàng. Nhận diện và xử lý vấn đề ATTT: Phát hiện và quản lý các vấn đề phát sinh liên quan đến ATTT trong quá trình giám sát vận hành và xử lý sự cố. Phối hợp liên phòng ban: Đại diện Trung tâm Giám sát (TTGS) làm việc với các bộ phận nội bộ VCS như Triển khai, Phát triển giải pháp, Quản lý dự án (PM), Kinh doanh, Pre-sale, Account Manager (AM), Chăm sóc khách hàng (CSKH), ... và khách hàng để phối hợp xử lý các vấn đề trong phạm vi dịch vụ cung cấp. Đảm bảo cam kết dịch vụ (SLA): Theo dõi và đảm bảo các chỉ số SLA được thực hiện đúng theo hợp đồng đã ký kết với khách hàng.

Negotiation

View details

Senior Staff Engineer

Ho Chi Minh - Viet Nam

Product

  • NestJS
  • Angular
  • Typescript

Revamp and streamline key components throughout the Angular 20 + NestJS codebase. Recognize and integrate architectural enhancements such as modularization, domain distinction, and shared service boundaries. Work closely with the CTO to refine product architecture without disrupting release schedule. Guarantee system efficiency, data integrity, and sustainability through improved design. Analyze crucial code pathways and mentor others in cutting-edge Angular and TypeScript methodologies. Introduce practices that elevate testability, deployment security, and developer productivity. Engage in product design conversations to synchronize engineering endeavors with actual user requirements.

Negotiation

View details