Senior Information Security
Ho Chi Minh City, Vietnam
All – Security & Compliance /
Permanent, Full-time /
On-site
Ninja Van is a tech-enabled logistics company on a mission to provide hassle-free delivery services for businesses of all sizes across Southeast Asia. Launched in 2014, we started operations in Singapore and have become the region's largest and fastest growing last-mile logistics company, partnering with over 35,000 merchants and delivering more than 1,000 parcels every minute across six countries.
At our core, we are a technology company that is disrupting a massive industry with cutting-edge software and operational concepts. Powered by algorithm-based optimisation, dynamic routing, end-to-end tracking and a data-driven approach, we provide best-of-class delivery services that delight both the shippers and end customers. But we are just getting started! We have much room for improvement and many ideas that will further shape the industry.
Roles and responsibilities
- Identity and Access Management
- Enforcing Identity Lifecycle Management policies and procedures.
- Planning and executing Access Review ProcessWorking REG Infosec and IT to enforce Authentication policies such as SSO, MFA, Oauth , OpenID, FIM
- You need to have Knowledge of Authorization Models and design such as RBAC, MAC ,DAC , ABAC to assist enforcing them at all levels.
- Role Based Access Control
- Understand different RBAC structures and apply knowledge to implement the most suitable RBAC solution for critical business applications.
- Implementing role based access for the critical systems and applications.
- Work with business/application owners to define/create/update managed roles following IAM principles.
- Work with product and engineering teams to implement application specific access controls.
- Act as liaison between business and tech teams to accurately capture and provide security requirements that satisfy both business and tech priorities.
- Effectively communicate status of various IAM initiatives to leadership
- Create and document standards, processes and procedures for RBAC and other IAM initiatives.
- Work with vendors and internal stakeholders to implement IAM tools and technologies.
- Program Delivery
- Manage delivery of Group Information Security tools and capabilities locally
- Support Group Head of InfoSec in managing the delivery of global programs, KPIs and KRIs.
- Compliance
- Support local business in Security Architecture decisions by working in liaison with Group Information Security
- Manage resolution of vulnerabilities or issues detected in local IT/Tech Infrastructure
- Reduce the information security risk by identifying the root cause and working with local/group stakeholders to take corrective actions.
- Support Local Team with questions related to regulatory compliance and IT/InfoSec audits.
- Training and Incident Response
- Run local security training programs
- Communicate and ensure implementation of group IS policies, procedures and processes locally.
- Adapt security procedures as per local needs where required
- Qualify local Security Incidents and co-ordinate incident response with Group IS
- Lead and/or participate in post Incident Reviews.
Qualifications/Experience:
- Bachelors in Information Security / STEM (Science, Technology, Engineering and Mathematics) degree
- At least + years of experience in IT/Information Security
- Experience in leading IT security, attestation and assurance audits globally
- Experience in setting up Data protection controls
- Professional security related qualification (e.g. CISM - ISACA, CC - ISC, CISA, CRISC.) will be favorable although not mandatory
- Good to have experience in IAM tools like BeyondTrust, Google Workspace, etc.
- Language Requirements: Fluent English
Knowledge & Technical skills
- Knowledge of ISO 27001, NIST CSF
- Knowledge and understanding of AAA framework
- Knowledge of Google Workspace, Google Cloud (GCP)
- Knowledge of API and API tools like SOAP-UI, Postman, Apigee etc
- Knowledge of Database and writing SQL queries
- Excellent written and verbal communication skills and ability to escalate timely to management.
- High degree of attention to detail and discipline in tracking and managing the closure of identified vulnerabilities and issues arising from audit
- Effective influencing and negotiating skills and demonstrated sensitivity to working and interacting with senior stakeholders
- Ability to work independently
Working address: Ninja Van Vietnam Office, 307/21 Nguyen Van Troi, Tan Binh district, Ho Chi Minh city.
Salary and benefits:
Competitive income compared to the market
"Tet" bonus , Performance review from 1 - 4 months
Paid social insurance based on full salary
12 days annual leave, 5 days sick leave (with full salary)
High-class AON Health Insurance for manager level.
Year End Party, annual Townhall Ceremony
Attractive team-building activities, regular internal activities
Provide laptop for employees
Training and developing:
Participate in internal training courses: online/offline
Opportunities to promote to higher positions: Senior, Team Leader, Manager etc.
Work environment & colleagues:
Senior leaders are open-minded, respectful and ready to facilitate personal growth
Young and dynamic working environment
Scope of work is large, the company has more than 6000 employees, the company has operations spreading to 63 provinces/cities throughout the country.
Submit a job application
By applying to the job, you acknowledge that you have read, understood and agreed to our Privacy Policy Notice (the “Notice”) and consent to the collection, use and/or disclosure of your personal data by Ninja Logistics Pte Ltd (the “Company”) for the purposes set out in the Notice. In the event that your job application or personal data was received from any third party pursuant to the purposes set out in the Notice, you warrant that such third party has been duly authorised by you to disclose your personal data to us for the purposes set out in the the Notice.
