IT Risk & Cyber Security Senior

Work individually or with teams to deliver risk services which includes:
• Work closely with the Audit team to manage and deliver the IT audit engagements
• Identify and evaluate general IT-related business and technology risks, IT controls which mitigate risks, and related opportunities for improvement.
• Deliver IT advisory engagements, identify IT related financial and business risks, perform in-depth analysis of business processes, risks and controls, develop and implement controls testing work programs to provide assurance over the design and operating effectiveness of controls, draft reports and agree draft findings and improvement recommendations with client management.
• Conduct the working sessions with clients independently including interviews to gather the needs, workshops to present the work products, meetings to update/ resolve project matters.
• Produce quality client deliverables such as analysis, reports or presentations that outline finding and recommendations.
• Work with peers in other specialist areas of the team to ensure the broader IT Risk Advisory propositions are taken to our key clients and relationships.
• Work closely with the project manager in project progression, quality, people and risk management
• Demonstrate specific service area/competency and/or industry expertise that results in tangible value for our clients.

• Degree in Information Systems, Information Technology, Computer Science or equivalent
• Relevant professional qualifications such as OSCP, CEH, CHFI, CISA qualification (completed) and ISO 27001:2013 Lead Auditor would be an advantage.
• Familiar using security audit tools available such as Nessus, Kali, Burp, WebInspect, , etc and hardware/software security implementation.
•Fluent oral and written English communication

**Strong IT security and IT technical knowledge as well as working experiences in any of the following areas
• Operating system configuration and security review for any of various various operating systems (Windows, Linux, etc) and databases (SQL, Oracle, DB2, etc). This includes the ability conduct the vulnerability assessment by using security scanning tools.
• Good knowledge of information technology, such as: physical hardware, software application, software testing, database management, data analysis, network knowledge (LAN and WAN infrastructure), and general IT security
• Have experience using SIEM such as: IBM, RSA, LogRhythm, Splunk, McAfee would be an advantage.
• Have at least 02 year experience operate the security device such as: Network firewall, (Web) Application Firewall, IPS, Load balancing, Network Access Control of these vendor : Cisco, Checkpoint, Juniper, Fortinet, Palo Alto Networks, F5, Imperva, A10, Citrix, McAfee, IBM, HP, Forescout ..etc.
• Strong analytical, Logical thinking and problem solving capabilities
• Team-work spirit and professional working behavior
• Able to research new knowledge and technology

- Healthcare program
- Laptop to support for daily works

Hồ sơ theo yêu cầu của nhà tuyển dụng khi liên hệ trực tiếp