Information Security Senior Analyst
Hà Nội-Hanoi
YNV Careers (External)
Req #: 15910
Type: Full-Time
|
||||||||
|
||||||||
Overview: We're seeking an Information Security Senior Analyst to join our CISO Team. This role is responsible for supporting the YNV Group Chief Information Security Officer (CISO) in managing and monitoring the Information Security strategy and Information Security Management System (ISMS) across all YNV Group locations in the APAC region. This position will play a key role in designing, implementing, and reviewing security controls, policies, and procedures while ensuring compliance, conducting security audits, managing incident response, and contributing to business continuity and disaster recovery planning. Helping people thrive and grow in the modern digital world. YNV Group has been building successful businesses that deliver long-term value since 2010. As a privately owned holding company, we excel at identifying and addressing unmet market needs. With a global workforce of over 6,000 employees across the Americas, EMEA, and Asia, our portfolio spans technology, real estate, and financial services. Led by industry experts committed to sustainable growth and innovation, we prioritize building lasting relationships with our clients and partners, ensuring their needs remain central to our approach. The brands in our portfolio include: TeKnowledge, Everty, Sandglass, Monifai and Smart Factoring. Responsibilities: * Implement information security controls based on recognized frameworks, regulations, and standards such as ISO 27001. * Perform incident response and investigation activities related to Information Security. * Assess and manage security risks, supporting remediation efforts for vulnerabilities across company premises, networks, systems, and applications. * Conduct vulnerability assessments, security audits, and access control reviews while ensuring compliance with security standards. * Develop and conduct Information Security training programs, including user education and phishing simulations. * Design, develop, and review security policies, procedures, and standards aligned with industry best practices. * Support the testing and enhancement of disaster recovery and business continuity plans. * Assist with internal and external security risk assessments, regulatory compliance audits, and responses to security questionnaires. * Conduct security testing, including source code and firewall assessments, in collaboration with IT and Security Operations teams. * Regularly report to the Chief Information Security Officer on performance, challenges, and future security needs. Qualifications: * Bachelor's degree in Information Security, Cybersecurity, Information Technology, Computer Science, or a related field. * Minimum 3 years of experience in endpoint and network security, cloud security (Microsoft 365, Azure, Defender, Purview, Sentinel), systems log monitoring, SIEM alerts review, threat hunting, vulnerability scanning, access control audits, information security policies, Windows and Active Directory security, system hardening (CIS Benchmarks), compliance with ISO 27001, PCI DSS, and NIST, and web application security. * Preferred certifications such as CISSP (Certified Information Systems Security Professional) or CISA (Certified Information Systems Auditor) are an advantage. * Strong understanding of IT infrastructure, networks, databases, and business processes in relation to cybersecurity risks, with the ability to assess security threats and implement structured solutions. * Excellent analytical and problem-solving skills, attention to detail, and the ability to research, organize, and present technical information effectively. * Self-motivated, proactive, and adaptable to a rapidly changing environment, with excellent written and verbal English communication skills. * High level of integrity, accountability, and discretion in handling sensitive security matters.
Share this job:
