All qualified candidates will be given fair consideration. Per GDPR, any CV or personal information you submit will be used strictly for recruitment. Your data will be processed based on legitimate interest, securely stored, and not shared outside the recruitment process.
About The Company
Cycle is a consulting firm specializing in digital transformation, IT strategy, and regulatory compliance across Southeast Asia. They offer a dynamic international environment where consultants contribute to impactful, tech-enabled transformation projects. This role will be employed by Cycle Vietnam and deployed to one of their key clients.
Opportunity Details
Working Location: Ho Chi Minh City, Vietnam (on-site at client location)
Working Time: Standard business hours
Employment Type: Full-time
Compensation: According to the market benchmark
Benefits: As per the Labor Law
Reporting Line: Reports to COO
Team Management: None
Role Purpose
The Information Security Executive will support the client in the delivery and oversight of all information security initiatives. This includes monitoring cybersecurity operations, ensuring compliance with relevant standards, and improving the overall security posture through proactive risk management and technical expertise.
Main Objectives
Ensure timely remediation and revalidation of vulnerabilities reported in penetration tests
Maintain compliance with the client's security frameworks and operational procedures
Coordinate risk management and support incident response with clear documentation and reporting
Responsibilities
- VAPT Monitoring:
Oversee remediation of low-impact vulnerabilities from pentest reports
Track revalidation and ensure issues are resolved
- Security Operations Center (SOC):
Align SOC standard operating procedures with internal standards
Support incident handling preparation and response
- Cyber Awareness:
Support implementation of internal cyber awareness programs
- Cyber Insurance:
Prepare documentation required for cyber insurance
Support discussions with brokers by providing technical input
- Disaster Recovery / Business Continuity Plans (DRP/BCP):
Prepare relevant elements for DRP/BCP
Assist in activating and supporting client teams during incidents
- Third-Party Applications Analysis:
Define scope of responsibility between client and third parties in app projects
Recommend actions to ensure compliance with internal standards
- IT Management:
Maintain IT asset list in GLPI
Oversee ticket handling system configuration
Maintain records of processing activities
- Risk Management & Incident Reporting:
Coordinate risk management following internal standards
Provide leadership with an overview of current risk posture
- Compliance:
Conduct gap analysis and maintain action plans for standards such as ISO 27001 and PDPD
Ensure compliance with internal and regulatory frameworks
- General Support:
Identify roadblocks to project delivery and proactively address them
Present progress reports and maintain thorough documentation
Candidate Profile
Education & Qualifications
Bachelor's degree in Information Security, Computer Science, or related field
Master’s degree preferred
Cybersecurity or project management certifications (e.g., Security+, CISSP, PMP, PRINCE2) are a plus
Professional Experience
5+ years in information security roles
Proven experience managing security projects end-to-end
Familiarity with SOC, VAPT, incident response, and third-party risk management
Experience working in fast-paced environments with international exposure
Technical Skills
Strong knowledge of information security frameworks (e.g., ISO 27001, GDPR, PDPD)
Experience with Azure and cloud security (preferred)
Familiar with asset tracking (e.g., GLPI) and risk documentation
Proficient in English and Vietnamese
Behavioral Competencies
Strong communication and presentation skills
Able to collaborate cross-functionally and work independently
Detail-oriented and proactive in identifying risks and ensuring compliance
Knowledge Domain
Information Security frameworks and compliance standards
Risk and incident management processes
Cloud and infrastructure security (Azure preferred)
Application Process
To complete your application, Cotalent will email you at the address listed in your CV with a tailored questionnaire designed to enhance your chances of reaching the interview stage. Please check your inbox regularly, including your spam or junk folder, as completing the questionnaire is necessary to finalize your application and move on to the next phase.
