Senior Pentester / Chuyên Viên Cao Cấp An Ninh Thông Tin

I. Job Purpose:

• Participate in and directly carry out: defining security requirements and designing information security for systems and applications; performing penetration testing; deploying and enhancing systems and applications in use or under development with the goal of strengthening information security capabilities and promptly identifying potential vulnerabilities to propose remediation measures.
• Manage and implement information security standards at Techcombank in compliance with Vietnamese and international security regulations.
• Establish and maintain compliance with information security policies and regulations. Timely address risks to ensure the overall information security of the bank.

II. Key Accountabilities:

1. Information Security Responsibilities:

• Join development and technology deployment projects to ensure security throughout the system lifecycle, including: security requirement analysis, secure design, threat modeling, source code review, security testing, and implementation of appropriate security controls.

• Research and develop information security solutions to prevent cyber-attacks and incidents, ensuring safety and security across the bank’s entire information system.

• Collaborate with the Security Monitoring team to participate in incident response and resolution.

• Establish and oversee the implementation of information security processes, regulations, standards, guidelines, and policies in line with government requirements and international best practices.

• Implement and maintain compliance with international standards such as PCI- DSS, ISO, SWIFT CSP.

• Ensure ongoing compliance with internal Techcombank policies and with circulars and regulations issued by the State Bank of Vietnam.

• Regularly audit the configuration and integrity of internal security policies and systems at TCB to detect violations or potential insider threats.

• Coordinate with Compliance Assessment and Risk Management units to evaluate the system’s compliance with policies, regulations, standards, procedures, and checklists.

2. Other Responsibilities:

• Design and deliver security awareness and training programs for bank staff.

• Research and apply information security standards and frameworks suitable for the banking environment.

• Perform other duties as assigned by management.

III.     Job Requirements:

Bachelor’s degree in Information Technology, Computer Science, or Electronics and Telecommunications.

3–5 years of experience in security assessment and penetration testing within financial services, telecom, or similar sectors.

Experience should include:

• Researching, designing, implementing, and evaluating information security solutions across different areas;

• Implementation and compliance with standards such as PCI-DSS, ISO, SWIFT CSP;

• Participating in the development and enforcement of information security standards for IT systems.

English: According to Techcombank’s current language proficiency requirements. Experience in assessing information security in Agile development environments.

Relevant security certifications such as OSCP, or PCI DSS implementation/evaluation certifications.

• Qualification: Bachelor
• Age: Unlimited
• Job type: Permanent