Position Objective:
You will join the Cloud & IT Operations Team — responsible for operating multi-cloud platforms (AWS, Google Cloud, Microsoft Azure), campus IT infrastructure, and digital education services. This is an ideal environment to build solid technical foundations, learn directly from senior engineers, and grow along a clear Cloud & DevOps career path.
Key Responsibilities:
- Participate in the development and operation of the company’s Personal Data Protection Program; establish a data protection governance framework to manage the personal data lifecycle from collection, processing, storage, to deletion.
- Monitor and ensure compliance with the Personal Data Protection Law 2025, Decree No. 356/2025/ND-CP, and other relevant regulations; provide legal risk advisory related to personal data processing activities.
- Manage compliance documentation such as Data Processing Impact Assessments (DPIAs); prepare and maintain records related to personal data processing registration and cross-border personal data transfers.
- Review and oversee data-sharing activities with partners and vendors, including third-party compliance assessments and the review of agreements such as Data Processing Agreements (DPAs) and Data Sharing Agreements (DSAs).
- Advise on compliance with data subject rights requirements, including the rights to access, rectify, erase personal data, withdraw consent, and restrict processing in accordance with applicable laws.
- Collaborate with the IT and Information Security teams to detect, investigate, and respond to personal data breach incidents.
- Coordinate and organize training and awareness programs on personal data protection for employees to foster a culture of data compliance across the organization.
- Perform other duties and responsibilities as assigned.
Job Requirements:
Education:
- Bachelor’s degree or higher in Law, Information Technology, or other related fields.
Experience:
- Minimum 3–5 years of experience in one or more of the following areas: Data Privacy/Data Protection, Legal Compliance, Information Security, or Risk Management.
- Experience in implementing the Personal Data Protection Law or Decree No. 13/356 is an advantage.
Skills:
- Strong understanding of Data Protection, Data Governance, and Information Security.
- Risk assessment and compliance process development skills.
- Cross-functional collaboration skills.
- Policy drafting and legal documentation skills.
- Ability to read and understand legal and technical documents in English.
Benefits:
- Competitive salary package (Base salary and performance bonuses).
- Probation period salary is 100% of the official salary.
- Comprehensive health and accident insurance.
- 15 days of annual leave, 3 remote work days per month.
- Provision of work equipment (Macbook/ Laptop, mouse, monitor, etc.).
- A creative and modern working environment.
Working location: Galaxy Innovation Hub – D1 Hi Tech Park, Tang Nhon Phu Ward, HCMC
Kindly send your CV to: talent@galaxyholdings.co
