Lead all security operations, including but not limited to SOC function, Vulnerability Management, MFA Service, IDS/IPS, DDOS Protection, WAF, Cloud Security, and Endpoint Protection.
Partner with Product & IT Operation & IT Development teams to identify cyber-attack risks in the system and define practical mitigation plans.
Conduct complete security lifecycle architecture and technical assessments, including but not limited to design requirements assessment, threat modeling, and risk assessment.
Build a standardized set of security requirements and documentation for internal systems and product offerings.
Maintain SLAs by watching for new vulnerabilities, monitoring existing vulnerabilities, working on false positives, and detecting logic changes.
Develop, execute and track the performance of security measures to protect information and network infrastructure, and computer systems.
Monitor current and proposed laws, regulations, industry standards, and ethical requirements related to privacy and information security, such as SBV Circular 09, 35, 47, and PCI DSS Level 1.
Configure, troubleshoot and maintain security infrastructure software and hardware.
Handle all cloud security in practice; AWS Security is a plus.
Handle all container security in practice; Kubernetes Security is a plus.
Job requirement
3+ years in a security operation role.
3+ years experience working in a security-focused role in the technology or other technology-heavy industry (e.g., Financial Services, Banking).
Consistent track record designing and integrating security controls in premise environment, cloud-based, and container architectures.
Significant experience conducting threat modeling and risk assessments of premise environment, and cloud services, demonstrating a clear ability to identify potential vulnerabilities.
Good level knowledge at all layers of the information security stack with hands-on security engineering experience on AWS, Kubernetes, etc.
Have the mindset of "Zero Trust" and "Secure-By-Default."
Critical thinking skills and ability to solve complex problems
Working knowledge of the MITRE ATT&CK, NIST CSF, and CIS Critical Control frameworks
BS or MS in Computer Science, Information Systems, Engineering, or a related field
Benefit
Working in the fast-moving international Fin-Tech environment.
Competitive salary with high-tech supports.
Bonus salary and company activities for each quarter.
Personal Health Care Package from BaoViet Insurance.
Working in new building E- Town Tower, 11 Doan Van Bo, Dist.4, HCMC.