IT Security Application Team Leader

Chế độ bảo hiểm, Du Lịch, Phụ cấp, Đồng phục, Chế độ thưởng, Chăm sóc sức khỏe, Đào tạo, Tăng lương, Công tác phí, Phụ cấp thâm niên, Nghỉ phép năm, CLB thể thao

1. IT Security Engineering & Development- Support strategic planning and execution of the bank’s information security roadmap.- Advise on the design and implementation of cross-domain security solutions.- Lead complex incident response operations and post-incident analysis.- Conduct cybersecurity research to anticipate threats and inform architecture design.- Propose strategic and operational plans for secure system development.- Research and design security solutions covering network, application, endpoint, and data security.- Develop secure programming standards based on CWE/SANS Top 25, OWASP.- Perform security risk modeling and source code reviews.- Assess emerging vulnerabilities and implement proactive defenses.- Collaborate with monitoring and incident response teams to address attack events.

2. IT Security Implementation- Develop and execute security assessments for IT projects and systems.- Conduct vulnerability assessments and penetration testing (Vulnerability Assessment & Penetration Testing) on:- Web applications, Mobile applications (iOS & Android), API, Winform.- Server systems (Windows, Linux), databases, network infrastructure, and cloud environments.- Review and optimize security configurations on servers, network devices, security appliances, and storage systems.

3. IT Security Operations- Update and manage security vulnerabilities in IT systems, develop and implement remediation plans.- Maintain and ensure compliance with PCI DSS certification and NHNN security standards.- Operate and maintain critical security systems such as SIEM, IPS/IDS, DLP, PIM.- Collaborate with relevant departments to implement security measures such as patch management, antivirus management, and endpoint protection.

4. Vulnerability Management- Continuously update and monitor security vulnerabilities, malware threats, and risks; analyze and provide recommendations for remediation.- Conduct regular security assessments (VA, Pentest, ASV, APT, segment test) for operating systems, applications, databases, and networks.- Manage, monitor, and ensure remediation of all detected security vulnerabilities in IT services.

5. Other Responsibilities- Support cross-functional tech projects.- Conduct training and mentoring programs to build internal capabilities.- Assist in career development planning within the security function.- Perform other tasks as assigned by management.