Senior Manager IT - Governance Risk and Compliance
Mô tả công việc
SCOPE OF WORK
Lead IT GRC strategy across the Resort and digital platforms. Establish governance aligned with Vietnamese Cybersecurity Law and international best practice. Define IT policies, standards, and controls tailored to Resort operations. Ensure IT HOD has visibility of IT risk posture and compliance.
KEY RESPONSIBILITIES AND ACCOUNTABILITIES
Liaise with IT Head of Department for all key risks and remediation plans
Conduct periodic risk assessments and control effectiveness reviews
Oversee data governance, classification, retention, and access controls
Define and enforce IT policies, standards, and control frameworks
Ensure audit readiness and timely remediation of findings
Oversee business continuity and disaster recovery planning
Maintain full documentation for compliance and licensing reviews
Ensure breach detection, response, and mandatory reporting obligations
Partner with IT Security, SOC, and DevSecOps for integrated controls
Lead enterprise IT GRC strategy across the Resort
Manage third- party/vendor risk
Support secure, compliant digital and customer- facing platforms
Identify, assess, and mitigate risks across the resort
Promote strong risk- aware culture, training, and leadership across the organization
Monitor vendor compliance with Vietnam cybersecurity regulations
Manage risks related to Resort operations and process improvements
Align frameworks with ISO 27001, NIST, COBIT, SOC2
Manage cross- border data transfer compliance
Establish governance aligned with Vietnam Cybersecurity Laws
Ensure compliance with data localization, monitoring, and reporting requirements
Lead internal and external IT audits and regulatory inspections
Ensure security and integrity of systems
Ensure compliance with Personal Data Protection and Financial Data Protection
Ensure compliance with gaming regulator IT audit requirements
Maintain and report on enterprise risk register and treatment plans
Establish and track GRC KPIs, risk metrics, and executive reporting
Enforce GRC requirements in contracts, SLAs, and onboarding processes
Govern cloud, infrastructure, and hybrid environment risks
Lead enterprise IT & cybersecurity risk management program
Yêu cầu công việc
Proven experience with GRC frameworks (ISO 27001, NIST, COBIT, SOC 2)
Strong stakeholder management and executive communication skills
Experience maintaining risk registers and remediation plans
Familiarity with working with Vietnam regulators
5+ years of experience in IT Governance, Risk, and Compliance or Information Security
At least 3–5 years in a leadership or senior management role
Professional certifications preferred: CISSP, CISM, CISA, or similar
Hands- on experience managing IT audits, risk assessments, and compliance programs
Experience ensuring compliance with data localization and regulatory reporting requirements
Background in casino, hospitality, gaming, or regulated industries preferred
Familiarity with Secure SDLC and DevSecOps integration
Strong knowledge of Vietnam Cybersecurity Law and personal data protection
Knowledge of third- party/vendor risk management practices
Quyền lợi
Accommodation: Hoiana Village – a modern 960- room complex (provided with 03 meals a day – Laundry & Housekeeping service – Recreations).
Intensive career development.
Attractive Hoiana employee in- house rates.
Working transportation to Da Nang and Hoi An.
Competitive salaries.
Cập nhật gần nhất lúc: 2026-07-06 22:10:02








