* Principal Responsibilities:
1. Design and operate IT risk and security programs. Provide IT security services that comprise oversight, investigations, strategic vision, and trusted advisory services to IT and Business teams.
2. Develops and manages security (e.g., data, systems, network, and/or Web) across the company. Identifies security risks and exposures, determines the causes of security violations, and suggests procedures to halt future incidents.
3. Provides management with risk assessments and security briefings to advise them of critical issues that may affect customer, corporate security objectives.
4. To direct, manage, plan, and administer the operational and administrative activities associated with the running of ITRS function.

* Functional Responsibilities:
1. To provide recommendations for new or modified policies, standards, and/or guidance documents based on changing technologies, cyber security landscape, and Vietnam’s cyber security regulations;
2. To evaluate, recommend and manage the implementation of security products & services. To perform Risk Assessment of third-party service provider arrangements.
3. To design and support IT security solutions that may be comprised of hardware and software components.
4. To proactively identify security risks and exposures by participating in continuous security reviews, evaluations, and risk assessments.
5. To oversees security awareness programs and provide education on security policies and practices and/or provide training on guidance for compliance with governmental laws and regulations.
6. To manage security testing, reports, and remediations either by internal or external parties.
7. To manage the IT Risk & Security services including but not limited to analysis, action planning, execution, and reporting.
8. To lead and manage IT security incidents. Provide quick guidance and solution for mitigation and remediation minimizing impacts to the business operation as well as reputation.
9. To design, implement, and maintain processes and procedures to ensure the security of data, applications, and infrastructure.
10. Act as the liaison between audit/compliance and IT, reviewing all audit/compliance reports and responses to ensure timeliness and the effectiveness of the corrective actions.

* Supervisory Responsibilities:
1. May provide work guidance to lower-level and project staff.
2. Manage the vendor resources to deliver quality in projects.