LINE Vietnam
Summary
This role is responsible for systematically establishing and operating LINE VIETNAM's network and a security management system, and strengthening the company's security.
Through the implementation of network and security policies and risk assessments, it ensures the confidentiality, integrity, and availability (CIA) of data and systems, and provides security guidelines and training programs for company employees. Additionally, it responds to relevant laws and regulatory requirements through internal control and audit response activities, playing a role in improving the organization’s network and security level, and minimizing risks.
Responsibilities
• Doing forensics on abuse/fraud cases.
• Assess the impact of potential compromises and potential threat activity.
• Develop and implement security policies and procedures: This includes creating and maintaining policies that govern how employees interact with IT systems and data, aswell as setting up procedures for incident response and business continuity.
• Conduct risk assessments: Evaluate potential vulnerabilities and risks to the organization’s information systems and data and develop strategies to mitigate these risks.
• Monitor network and security system: Monitor network traffic and detect potential security breaches.
• Provide security training and awareness: Educate employees on security best
practices, risks, and threats, and conduct regular security awareness training programs.
• Responding to security incidents: Develop and implement incident response plans and lead efforts to investigate and remediate security breaches.
• Ensure compliance with regulatory requirements: Stay informed about relevant regulations and standards and ensure that the organization’s IT security program meets these requirements.
• Stay updated on emerging threats and technologies: Research and analyze new security threats and technologies, and adapt the organization’s security program accordingly.
• Collaborate with other departments (Parent Company Security Governance team, CSIRT): Work with IT, legal, and other departments to ensure that the organization’s security program is aligned with its business goals.
Basic Qualification
• Minimum of 3 years’ work experience in an information security role, including securityaudit, security policy development, data security, security education, and security risk assessment.
• Basic understanding of modern IT and computer infrastructure.
• Must have experience in log analysis.
• Must have familiarity with UNIX.
• Must have experience with scripting (Python, Perl, Bash, awk, sed).
• Should have experience and passion for incident investigation and time-series data analysis.
• Must be familiar with Information Security Management Systems (ISMS) or Privacy Information Management System and its practices.
• Ability to implement security monitoring process to align with global security standards and requirements e.g., ISO/IEC 27001, NIST Cybersecurity Framework.
• Competence in conducting risk assessments and security audits in diverse IT environments.
• Understanding characteristics of cybercrimes.
• Team-oriented person who can communicate with teams from different countries/departments.
• Fluent in English.
Preferred Qualification
• Information security certificates, such as CISSP, CISA, CISM, ISO/IEC 27001 Lead Auditor.
• Understanding Personal Data Protection Act.
• Understanding of Internet, instant messengers, web/mobile services and encryption technology.
• Japanese or Korean language skills are a plus.
English
Nói: Fluently - Đọc: Fluently - Viết: Fluently
Japanese
Nói: Intermediate - Đọc: Intermediate - Viết: Intermediate
Korean
Nói: Intermediate - Đọc: Intermediate - Viết: Intermediate
Which allows developers to create any kinds of application and background service. LINE Vietnam is working as a part of Global Line team, taking responsibility for many applications based on Line platform.
We are looking for candidates who possess adequate fundamental knowledge, creative power, especially endless passion toward software industry. Our engineers should be able to communicate with many engineers or partners from various countries to develop the front-end, back-end, data statistic and analysis services, etc.
