Aurify

Tóm tắt công việc

Join an International Fintech Leader ( Branch office in Vietnam)

Are you a highly skilled Information Security professional looking to make a significant impact within a leading international fintech group?

Our client, a respected international group headquartered in Belgium and a key player in the fintech industry, is expanding its operations and seeking a dedicated Information Security Officer to be based right here in Vietnam. Aurify works closely with this client, providing essential IT services and fostering a strong partnership.

In this pivotal role, you will be the driving force behind the Information Security Strategy and Operations for the group. We are looking for a candidate with proven, hands-on expertise in:

• Information Security Management Systems (ISMS)
• Business Continuity Planning
• Comprehensive Risk Management
• Compliance Frameworks

You will have the unique opportunity to champion strategic security initiatives, directly supporting the international organization's growth while helping to cultivate a world-class security culture from our Vietnam hub.

Elevate your career by joining a global-standard company where your expertise in information security is valued and essential!

What you’ll be doing

• Maintain and continuously improve ISMS processes
• Draft, formalize, and validate security procedures and governance documentation
• Support BCP, DRP and crisis management readiness
• Assess the current information security operations and programs and define a further enhanced group information security program, policies and operating model aligned with our business objectives
• Propose solutions for information security issues and challenges
• Interact and inform management, compliance, legal, sales, development-and delivery teams and (security) operation teams by embodying a clear information security strategy and its operational requirements and policies
• Collaborate closely with key stakeholders, including senior leadership or CISO‑level roles.
• Support internal and external audits, compliance reporting (planning, evidence collection, gap analysis, and remediation followup, etc.).
• Follow-up on pentests and risk analyses
• Follow-up on information security initiatives/projects.
• Enhance the information security awareness and culture within the organisation 
• Support incident follow-up and integrate lessons learned into the ISMS
• Manage and support GRC tool.
• Manage and maintain the risk register and exception register

• Modern and professional European working environment
• Exceptional opportunity for traveling and training in Europe
• Highly competitive salary package (including 13th-month salary and competitive remuneration package)
• Comprehensive set of extra-legal benefits (e.g., generous private medical health insurance for employees & family members, 25 days of annual leave, annual bonus)
• Flexible work arrangements (Flexible working hours, off on Saturday and Sunday, with options for remote work, Hybrid 3 office, 2 home)
• Social insurance, health insurance, and unemployment insurance will be under Labor Law.
• Dynamic, young & international environment
• Team building activities & outing
• Brand new & state-of-art Agile office

As a member of the Aurify team, you'll have the unique opportunity to work on projects that integrate state-of-the-art technologies with a customer-centric approach. You'll be at the forefront of implementing practices that ensure cost management and security compliance, all within a framework that values simplicity and smart solutions, echoing the mission of Unifiedpost. Join us in our journey to navigate the complexities of the cloud landscape together, providing peace of mind and empowering businesses to focus on their core activities with the assurance of performance, high availability and security excellence. 

Requirements

• Experience (+5 years) in the Information Security branch for international organisations
• Strong background in ISMS, compliance audits, and security‑by‑design principles.
• High affinity with information security standards and best practices (e.g. NIST) and how to translate these into operations and towards customers and suppliers 
• High affinity with vulnerability-and incident response management  
• Experience with internal-and external audits (e.g. ISO 27001, PCI DSS…)
• Working knowledge of at least one of ISO2700x, PCI DSS, GDPR, eIDAS cybersecurity frameworks.
• Fluent in English
• Project management experience

Good to have 

• Certified Information Systems Security Professional (CISSP)
• Knowledge about DORA, NIS2 regulations
• Affinity with cloud security and financial payments institutions 

Soft skills 

• Proactive & entrepreneurial - takes initiative, drives projects forward.
• Structured & organised - able to manage multiple activities simultaneously.
• Communicative - excellent written and verbal communication abilities.
• Stakeholder‑savvy - capable of engaging effectively with different levels of the organisation.
• Analytical & rigorous - able to deliver high‑quality documentation, reports, and presentations.
• Collaborative - a positive team player with strong interpersonal skills.