Jobs · itviec

T

Senior IT Governance Iso 27001 Pci Dss Nimbus Data Systems 2946

Nimbus Data Systems · Quận 3, Hồ Chí Minh · Posted today

onsitesenior🇻🇳 Vietnam
Apply on itviec

About the role

Top 3 Reasons To Join Us Big chance to build Fintech system, large data International & English environment Apply new Tech-Stack, Technology and more The Job About Nimbus Data Systems Launched in 2015, Nimbus Data Systems pioneered digital banking in Vietnam with a mission to make banking faster, simpler, and more accessible. Today, as part of one of Southeast Asia’s leading digital financial services platforms, Nimbus Data Systems is building secure, scalable, and customer-first digital banking experiences for millions of users across Vietnam. We are looking for curious minds and driven talents from fintech, digital banking, and technology companies who are excited to move fast, build meaningful products, and help shape the future of banking in Vietnam. About the Role We are looking for a Senior IT GRC to assist in driving a robust Governance, Risk, and Compliance framework across Nimbus Data Systems and Kredivo Group. In this role, you will operate at the intersection of security governance, risk mitigation, and regulatory alignment. You will be responsible for promoting our information security framework, ensuring all products, systems, and third-party partnerships meet the highest international and local security regulations. Working closely with Nimbus Data Systems's IT, engineering, and business stakeholders, you will drive systemic security resilience, conduct critical audits, and establish continuous feedback loops to protect Nimbus Data Systems's digital banking platform and its customers. You will report to the Infosec Lead. What You Will Do Regulatory Compliance Management: Continuous monitoring and compliance maintenance with rigid Vietnamese Banking and Personal Data Protection regulations. Audit & Assessment Coordination: Lead, coordinate, and respond to at least annual cycles of strict internal and external audits—including regulatory inspections and critical compliance assessments. Governance & Policy Monitoring: Conducting regular policy compliance monitoring, internal control reviews, and governance structural updates across entities; continuously updating and refining internal policies, procedures, and standards to ensure strict regulatory compliance. International Standards Maintenance : Prepare evidence and drive annual assessments to maintain the PCI DSS Level 1 Standard certification. Identity & Access Governance: Leading the comprehensive User Access Review (UAR) program applications across internal and external core systems. Third-Party Risk Management (TPRM) : Conducting comprehensive risk assessments and mitigation plans for all vendors and third-party partners. Security Culture: Driving and planning security awareness training across all business, technical units. Why Join Us Help defend and govern one of Vietnam's leading digital banks and the customers who trust it. Work as part of Kredivo Group's regional security team (Vietnam, Indonesia, Singapore). Hands-on GRC and security resilience work across a real, large-scale fintech environment. Hybrid model: 4 days HCMC office, 1 day work from home. Your Skills and Experience What We Are Looking For Experience 3+ years of hands-on experience directly related to IT Security Governance, Risk, and Compliance (GRC). Proven track record of participating in or leading the implementation and assessment of international governance frameworks (PCI-DSS, ISO-27001). Experience operating in highly regulated, production-scale environments (Fintech, Banking, or Digital Services). Comfortable collaborating with cross-functional stakeholders, software engineers, and external third-party entities. Skills & Expertise Frameworks & Methodologies: Deep, practical knowledge of GRC frameworks, security audit methodologies. Security Controls Familiarity: Strong fundamental knowledge of network security, IAM (Identity and Access Management), and enterprise security tools (Antivirus, Firewalls, SIEM, IDS/IPS, Cloud Security) to effectively review system configurations and access controls. Vendor Risk Assessment: Strong capabilities in defining, evaluating, and managing third-party security baselines. Professional Working English: Regular collaboration with Kredivo's regional Team and Nimbus Data Systems's local teams. Attributes Highly Responsible & Proactive: You don't wait for compliance gaps to be found; you actively collaborate to strengthen defenses. Pragmatic Communicator: You can translate complex security regulations and risk metrics into actionable steps for engineers and business leaders alike. Analytical & Structured: Exceptional attention to detail when conducting system-access audits and reviewing security policies. Bonus Points Possession of professional security/auditing certifications: CRISC, CISA, CISM, CISSP, CGRC or equivalent. Prior experience navigating SBV (State Bank of Vietnam) and MPS regulatory requirements for digital banking. Experience in Cloud Environments and automated GRC workflows. Why You'll Love Working Here Our deliverable is a leading software that is changing the way people do banking. You will be proud of your work and you will share with everybody that you helped to build Nimbus Data Systems. You’ll be joining a team of experts who are technically savvy, creative, and who share the intention of reinventing banking in Vietnam. You work closely with international architects and front-end consultants, product managers, and designers to develop the system. You will learn a lot from them. Company Benefits: Full benefits and salary during probation Premium health care insurance Competitive salary and learning culture Other benefits as per stated in Vietnamese Labor Law

Read the full posting on itviec

FAQ

Is the Senior IT Governance Iso 27001 Pci Dss Nimbus Data Systems 2946 role at Nimbus Data Systems remote?+

This Senior IT Governance Iso 27001 Pci Dss Nimbus Data Systems 2946 position is listed as onsite (Quận 3, Hồ Chí Minh).

What seniority level is this Senior IT Governance Iso 27001 Pci Dss Nimbus Data Systems 2946 role?+

This is a senior level position.

How do I apply for the Senior IT Governance Iso 27001 Pci Dss Nimbus Data Systems 2946 role at Nimbus Data Systems?+

Use the "Apply on itviec" button to open the original posting on itviec, where you can submit your application directly to Nimbus Data Systems.