Home Credit Vietnam

Tóm tắt công việc

*According to Decree No.13/2023/ND-CP on protecting personal data (“PDP”), Home Credit Vietnam would apply "Personal Data Processing Agreement" with all candidates to ensure compliance with the decree.

By submitting this application to Home Credit Vietnam Finance Company Limited through ITViec, you agree to allow Home Credit to proceed your provided information in accordance with Personal Data Processing Agreement that you have read, fully understood and agreed to the entire content at link

We are opening 3 vacancies in IT Security Team: 

1/ Architect Position

• Ensure IT Security solutions architecture and portfolio is aligned with approved IT Security Strategy and IT Security policy.
• Ensure projects are compliant with the security architecture framework and secure development standards.
• Ensuring security solution meets the business requirements, security and performance goal.
• Evaluate and document existing security technology solutions (databases, application, network, governance or monitoring security tools and technologies, and so on).
• Follows the new/current security trends and technology trends and identifies systems with risk for the functioning company and implements minimum security level required; provides a security solution business processes.
• Identify the IT risk at the beginning of the project and required security controls or corrective measures.
• Provide stakeholders with the explanation of security risks, controls, and measures in business language.
• Participate the assessments and remediation of identified findings of IT Security.
• Reduce workload to security team by adding automation in daily/weekly/quarterly task

2/ SecOps Position

• Establish and ensure Security Controls.
• Collaborate with Functional Teams for designing and implementing Security requirements on-premise/ cloud environment.
• Responding to security incidents and write reports/ write-ups.
• Reviews violations of security procedures; provides corrective measures to ensure violations do not recur.
• Cover area of user account life cycle management, including creating, provisioning, securing, and inactivation of access.
• Participate in projects and production support operations focused on implementing Identity and Access Management (IAM) integrations and Roles Based Access Control (RBAC) strategies and integrations.
• Collaborate in the design, implementation, and support of the IAM technologies.
• Participate in projects to ensure standard processes and procedures are implemented when rolling out new provisioning role management points.
• Performs other related duties as assigned.

3/ Governance Position 

• Develop and enforce security policies, standards and guidelines to ensure compliance of Information Security with regulations.
• Define IT security requirements and controls in line with the security classification, and internal and external regulations.
• Perform the IT Risk assessment, maintain the IT Risk register and an inventory of controls, implement controls to address identified risk exposure, identify risk response options.
• Identifies and consolidates information assets, maintains Information asset register.
• Perform and report regular check the IT security compliance requirements.
• Initiate, facilitate, and promote activities to foster information security awareness within the organization, create set of trainings for different groups of users to accommodate their needs.
• Contribute to team effort by accomplishing related results as needed.
• Prepare project status reports by collecting, analyzing, and summarizing information and trends.
• Schedule and facilitate meetings related to projects.
• Manage project execution to ensure adherence to schedule, scope.
• Monitor or track project milestones and deliverables.
• Direct or coordinate activities of project personnel.

Why you'll love working here

Understanding candidates' expectations of the ideal workplace, we always put the people element at the top of our priorities. ​

Compensation programs and employees' development opportunities for employees are always significantly invested in, bringing you:​

Primary benefits:

• 13th-month Salary and performance- based KPI Bonus ​
• 15+ Annual Leaves​
• Full Social Insurance, 24/7 Accidental Insurance, Annual Medical Check- up​
• Team Building and CSR activities: Year- end Party, New-year Party, Company trip, Charity activities, Blood donation​
• Learning workshops: Udemy E-learning, English courses, Senior management development training programs​

Our culture fosters your career development through: ​

1. Strategy ​

• Thinking Big: We focus on creating meaningful and sustainable opportunities for the company. ​
• Customer Obsession: We try to understand future customer needs, trends, and the impact of digital transformation. ​

2. Implementation ​

• Digital Savviness: We seek to understand the technological aspects of the business to enhance efficiency and customer experience. ​
• Entrepreneurship: We communicate the company's strategy and purpose to others, inspire and lead them effectively. ​
• Risk in mind: We consider risks and their possible effects before making decisions. ​
• Operational Excellence:  We stay focused on the goal, disciplined in tightening tasks to the end. ​

3. Building the organization ​

• People Centricity: We sustain focus on the development of team members through meaningful development plans and learning opportunities. ​
• Integrity: We always stay focused on the goal you need to achieve, refrain from getting into personal conflicts.

1/ Architect Position

• Graduation from university with a degree in Computer Science, Computer Networking.
• Experience in the area of IT Security, knowledge of IT security technologies (SIEM, IDM, MDM, PAM, Vulnerabilities Management, etc.).
• Experience with cloud environment
• Experience with automation
• Experience in the area of designing, deploying, configuring, supporting, troubleshooting, debugging and administering Information Security Products (e.g. Firewalls, Proxy, IDS/IPS, Load balancers, Antivirus solutions, DLP, WAF, SIEM, ... etc.).
• Knowledge of Unix based systems and Windows systems, network infrastructure and network security.
• Experience in one or more of: Python, PowerShell, scripting experience in Shell
• Good skills in external communication (cross-functional teams).
• Ability to manage deadlines and work effectively under pressure.

2/ SecOps Position

• Understanding of complex enterprise environments and current technology areas like cloud and mobility
• Demonstrated success using Active Directory or Identity and Access management tools
• Demonstrated success administrating Identity Management and Access
• Demonstrated success with the development of workflows and documentation related to identity and access management.
• Experience in the other areas of IT Security, knowledge of IT security technologies (IDM, MDM, PAM, Vulnerabilities Management, etc.).
• Knowledge of Unix based systems and Windows systems, network infrastructure and network security.
• Experience in one or more of : Python, PowerShell, scripting experience in Shell
• Good skills in external communication (cross-functional teams).
• Ability to manage deadlines and work effectively under pressure.
• Be able to perform multi-tasks with different priorities and take important notice for assigned tasks and finish urgent matters in required time.
• English working proficiency (written and spoken).

3/ Governance Position 

• At least 03-year experience in IT security areas.
• Knowledge of ISMS/ ISO 27000 and other security best practices (COBIT, NIST, CIS, ...).
• Knowledge of local regulation related to IT and financial business (mainly Circular 09)
• Experience in the area of IT Security, basic knowledge of IT security technologies (SIEM, IDM, MDM, PAM, Vulnerabilities Management, etc.).
• Knowledge in Project Management and Documentation.
• Good skills in external communication (cross-functional teams).
• Ability to manage deadlines and work effectively under pressure.