IT RISK and COMPLIANCE

JOB SUMMARYThe Risk & Compliance Specialist (IT RISK & COMPLIANCE) is responsible for developing, maintaining, and executing the IT Risk Management Framework to ensure effective oversight, advisory, and challenge of IT and Security processes across VNGGames. This role partners with both technical and business stakeholders to identify, assess, and mitigate IT risks while ensuring alignment and compliance with internal standards, frameworks, and best practices. JOB DESCRIPTION:• Ensure that IT operations are executed effectively, efficiently, and in alignment with organizational objectives while managing technology-related risks and maintaining compliance with internal standards and frameworks.• Develop, implement, and maintain comprehensive frameworks, policies, procedures, and guidelines to support consistent and standardized IT governance, risk, and compliance practices.• Identify, assess, prioritize, and manage IT and cybersecurity risks that could impact business objectives, critical systems, or data assets.• Conduct regular IT risk and control assessments, perform continuous monitoring, and lead periodic reviews to evaluate the design and operating effectiveness of existing controls.• Implement, monitor, and track risk mitigation measures, technical controls, and corrective action plans to address identified risks or compliance gaps.• Monitor updates to IT standards, frameworks, and internal requirements; assess their impact, identify gaps, and coordinate actions to ensure continuous compliance.• Align enterprise risk management and compliance requirements with IT policies, processes, and operational practices.• Communicate and collaborate with stakeholders to strengthen understanding and awareness of IT risks, control effectiveness, and compliance expectations.• Maintain the IT risk and compliance profile, including mappings of risks, controls, and assessment results, to support effective management oversight and audit readiness.• Monitor the design and performance of IT controls to ensure standardization, consistency, and effectiveness across systems and processes, and report on key risk indicators, control performance, and emerging issues.