Work location: Ha Noi
Salary:
Industry: IT - Software
Deadline to apply:
Level: Team Leader / Supervisor
1. IT Security Engineering & Development- Support strategic planning and execution of the bank’s information security roadmap.- Advise on the design and implementation of cross-domain security solutions.- Lead complex incident response operations and post-incident analysis.- Conduct cybersecurity research to anticipate threats and inform architecture design.- Propose strategic and operational plans for secure system development.- Research and design security solutions covering network, application, endpoint, and data security.- Develop secure programming standards based on CWE/SANS Top 25, OWASP.- Perform security risk modeling and source code reviews.- Assess emerging vulnerabilities and implement proactive defenses.- Collaborate with monitoring and incident response teams to address attack events.
2. IT Security Implementation- Develop and execute security assessments for IT projects and systems.- Conduct vulnerability assessments and penetration testing (Vulnerability Assessment & Penetration Testing) on:- Web applications, Mobile applications (iOS & Android), API, Winform.- Server systems (Windows, Linux), databases, network infrastructure, and cloud environments.- Review and optimize security configurations on servers, network devices, security appliances, and storage systems.
3. IT Security Operations- Update and manage security vulnerabilities in IT systems, develop and implement remediation plans.- Maintain and ensure compliance with PCI DSS certification and NHNN security standards.- Operate and maintain critical security systems such as SIEM, IPS/IDS, DLP, PIM.- Collaborate with relevant departments to implement security measures such as patch management, antivirus management, and endpoint protection.
4. Vulnerability Management- Continuously update and monitor security vulnerabilities, malware threats, and risks; analyze and provide recommendations for remediation.- Conduct regular security assessments (VA, Pentest, ASV, APT, segment test) for operating systems, applications, databases, and networks.- Manage, monitor, and ensure remediation of all detected security vulnerabilities in IT services.
5. Other Responsibilities- Support cross-functional tech projects.- Conduct training and mentoring programs to build internal capabilities.- Assist in career development planning within the security function.- Perform other tasks as assigned by management.
LOTTE FINANCE VIETNAM