IT Compliance Auditor (Intern)

Location: Ho Chi Minh City, Vietnam,None,None

We are an AI Fintech company specialized in assessing credit profiles of consumers in emerging markets combining pioneering AI with large alternative data sources. In 2020 we reached our ambitious milestone of credit profiling 1bn consumers spanning 4 countries - Vietnam, Indonesia, India & the Philippines - and building a platform for the wider industry and the financial services industry in particular to provide the 'un & under' served access to credit. At the core of this initiative has been our strict and unwavering adherence to the norms of consumer data privacy and consumer data rights.
But we're not satisfied as we embark on the next leg of our journey to deliver 100 million credit lines to consumers in the markets where we operate. Although this goal is ambitious, we truly believe that by harnessing the power of AI & Big Data we can deliver financial access at unprecedented scale.
As a firm, we're audacious problem solvers motivated by our impact on society. We deeply espouse the values of ownership - of our actions and initiatives, integrity in all we do and agility in execution.
We place great importance on doing what is right, what is best and what is innovative. And we are seeking people to champion these values and beliefs as we grow. Trusting Social is looking for an IT Compliance Auditor. If you are smart, driven and want to make a difference in the world with the most advanced and fascinating technology, come join our team. We can satisfy your desire to explore new territory and give you the runway to really make an impact. 

What you will do

IT Compliance Auditor (a member of IT GRC team, InfoSec & Data Privacy department) will provide abilities on Information Security Risk Assessment, Compliance Auditing, Policy and Procedures Management. Responsibilities include monitoring, reviewing, and updating compliance requirements, policies, procedures and security best practices in the IT process with support from InfoSec, HR/Legal and relevant IT teams. Additionally, the position will be executing periodically on the security risk assessment and compliance auditing to drive risk-informed decisions. The position will also support management and response  to third party security risk assessment from our customers/partners as well as support security awareness activities. Specifically, you will:

• Compliance Auditing: Periodically evaluate the compliance status of current IT processes based on our predefined policies and Industry standards (ISO 27001, PCI-DSS, NIST, CSA, etc). Collect information and prepare the detailed report for Head of InfoSec and CTO on identified gaps, follow up with relevant teams for remediation plan tracking and status report. Collect, update and manage InfoSec compliance requirements from multiple countries government laws/regulations, customer/business partners policies, industry standards and service contracts.
• Security Awareness Training: Periodically review and enhance the training content to align with new updates from our policies, industry standards. Follow up with HR and Line manager/Head of Department to report the training completion status and security awareness test result. Remind and train our employees in new policies, standards or procedures.
• Promote a culture of security within the company via innovative training and awareness methodologies.
• Third-party Risk Assessment: Establish and execute processes to appropriately assess and manage our third-party security risk. Support to respond to assessment questionnaires from our customers/business partners, follow up with relevant teams to prepare and provide proof of compliance/evidence.
• Administrational Tasks: Work as an assistant for InfoSec team in project management to prepare necessary documents, templates and monitor the progress of project implementation. Periodically review IT Changes/Notifications to ensure they are complied with defined processes and report to person-in-charge of abnormal or suspicious cases.
• Support to prepare InfoSec monthly and quarterly reports or on-demand reports.

What you need to have

• Bachelor's Degree in Computer Science or related IT field.
• Demonstrated capability to communicate within InfoSec team and relevant teams for auditing.

What you will get 

• Opportunity to work and learn from one of the best and brightest technology teams in Vietnam
• Be part of a winning team with exponential growth regionally, experience recruiting world-class talents
• Top market rate pay
• Flexible working hours.
• Offers state-of-the-art MacbookPro, offices, and facilities
• Convenient central district 1 office location, next to a future metro station
• Onsite lunch with multiple options, including vegetarian and happy hour every Thursday
• Unlimited free coffee, tea, snacks, and fruit to keep you energized

Additional Info
Learn more about us here:
https://www.youtube.com/watch?v=inAEDGvOcL8&t=29s