About KMS
KMS was established in 2009 as a U.S.-based software development & consulting
company with development centers in Vietnam. Over 13 years of operation, we
have been trusted globally for the superlative quality of software services,
products, technology solutions and engineers' expertise.
KMS Technology focuses on custom software development and a wide variety
of consulting services
KMS Healthcare specialises in the healthcare industry, provides a unique
blend of consultative healthcare technology solutions backed by the power
of full lifecycle development support
KMS Solutions serves the Asia Pacific region, bringing the world's
innovative technologies to help organizations achieve their business goals
through world-class digital capabilities and fit-for-purpose solutions
Besides providing services, KMS builds and successfully launches its own
software companies through its internal startup incubator, KMS Labs. The most
notable companies with millions of users worldwide include QASymphony,
Kobiton, Katalon, Grove, and Visily.
KMS is committed to providing tangible contributions and long-lasting impacts
to the communities through leveraging our IT expertise. The company has also
been recognized by prestigious industry awards as a great workplace in
Vietnam, Asia, and the U.S. for many years in a row.
Responsibilities
Job Duties and Key Responsibilities:
Lead, manage and develop the Security Compliance team on day-to-day
operation.
Establish, maintain, monitor and improve the Information Security
Management System (ISMS) by following industrial standards and legal
regulations (ISO 27001, SOC2 Type II, HIPAA, HITRUST, PCI-DSS, GDPR,
etc.)
Develop, maintain and monitor security policies, processes, and procedures
to ensure compliance with Client' security requirements and applicable
legal laws and regulations.
Determine security violations and inefficiencies by conducting periodic
security audits to identify potential vulnerabilities related to asset
protection, ensure operational security controls are implemented and
maintained properly.
Report non-conformity issues to the management and propose countermeasures
for those issues to renovate the organization and operation of the Company
to continuously improve the efficiency of business.
Evaluate security trends, evolvement of threats, vulnerabilities, and
perform risk assessment and treatment plan; coordinate with related
parties for consulting on remediation.
Develop and maintain the effectiveness of security training programs and
awareness activities to enhance user' awareness.
Lead effort in delivering and providing security standards compliance
consulting, audit assessment services to KMS business lines and its
product companies.
Prepare and submit compliance reports to management, regulatory bodies, or
other relevant stakeholders as required.
Keep improving service quality to increase client satisfaction by
improving processes and suggesting initiatives to support the team's daily
work and long-term plan.
Perform other duties as assigned by higher level.
Qualifications
1. Knowledge and skills:
Proven experience (5+ years) in security compliance management,
information security, or related roles in medium or enterprise level.
Prefer to technology, BFSI, healthtech, auditing or internal control
firms.
3+ years of experience in building security compliance frameworks to meet
with SOC 2, ISO 27001, HIPAA, HITRUST, etc.
Having strong knowledge and experience of Privacy and Data Security
Management.
Experience in people management, team development and engagement.
Demonstrate ability to work independently and as part of a team to achieve
team goals.
Demonstrate strong organizational skills, including time management and
ability to effectively prioritize, take ownership and execute tasks in a
high-pressure environment.
Demonstrate good logical thinking and problem-solving skills.
Ability to communicate effectively across all levels of the organization.
Good at English communication skills including oral and written.
2. Education/Training Preferred:
Bachelor's degree in Computer Science, Auditing, Business Administration
and Operations Management related field or equivalent work experience.
Lead Internal Auditor certificate is a plus.
Certification of CISA, CISM or other equivalent certificates in security
management is an advantage.
Understanding of cloud security and emerging technologies will be an
advantage.
Benefits and Perks
Perks You'll Enjoy
Working in one of the Best Places to Work in Vietnam
Building large-scale & global software products
Working & growing with Passionate & Talented Team
Attractive Salary and Benefits
Flexible working time
Various training on hot-trend technologies, best practices and soft skills
Company trip, big annual year-end party every year, team building, etc.
Fitness & sport activities: football, tennis, table-tennis, badminton,
yoga, swimming…
Joining community development activities: 1% Pledge, charity every
quarter, blood donation, public seminars, career orientation talks,…
Free in-house entertainment facilities (foosball, ping pong, gym…),
coffee, and snack (instant noodles, cookies, candies…)
And much more, join us and let yourself explore other fantastic things!
