[VNG]Security Auditor

Mã vị trí: 22-ISO-0216
Nơi làm việc: Tp.Hồ Chí Minh
Lương: Thỏa thuận

Mô tả công việc

  • Execute the assigned security audit task based on the policies/procedures and identified risks
  • Indecent on testing the effectiveness and performing the security audit to assess the controls by analyzing the obtained data/logs in order to determine the lack of compliance, fraud with the polices or procedure
  • Ability to multi-task, by clearly documenting the results of testing on more than one audit concurrently
  • Ability to leverage the log analytic tool to build the internal tools for security audit tasks
  • Generate the plan for monitoring and tracking the mitigation of security risks / compliance issues
  • Analyze network/system log or configuration in order to evaluate or examine the security misconfigurations or non-compliances
  • In charge of Internal Security Project included: Schedules and facilitate meeting related to project/developments in association with departments for implementing the security audit/manage the security audit execution and milestone
  • Write technical reports that analyze/interpret audit results and prepare the security audit status report by the collected information
  • Understand new and existing technologies.

Yêu cầu

Background:

  • Understand in performing the audit of IT general controls, application controls, change controls, configuration management. Ability to test the control design and effectiveness
  • Understanding of Operating system included Linux (distros) / Windows
  • Understanding the basic of Network infrastructure
  • Understanding the Program language (Python as an advatange)
  • Knowledge in Project Management and Documentation
  • Understanding of policy, compliance of information security.
  • Previous experience with security audit or IT General Audit
  • Minimum of 2 years' experience working as an IT / IS Auditor or Security Industry
  • Previous experience (at least +2 years) as the IT auditor or security auditor in Enterprise system or Audit Firm
  • Previous experience (at least +2 years) as the System Engineering in Enterprise system
  • Basic understanding of security standards/regulations (PCIDSS, ISO27K,etc.) as an advantage

Interpersonal skills: 

  • Well English (four skills) to read the document, write the report and communicate.
  • Be proactive in problem solving / strong critical thinking and well collaboration with many different teams.
  • Strong communicator, decision-maker, collaborative