Mô Tả Công Việc
Are you passionate about cybersecurity and ready to take a hands-on role in driving the evolution of our security operations? As a Medior/Senior Security Operations Engineer at Aurify, you’ll play a pivotal role in building and refining our Google Security Operations Center (SOC), with a specific focus on SIEM and SOAR solutions. You will be part of our Security Operations team, responsible for monitoring and escalating security alerts across our infrastructure and implementing cutting-edge security procedures. This role goes beyond production security—it encompasses securing our internal systems and processes. We’re looking for someone with both practical and theoretical knowledge in IT security, capable of not only enforcing policies but also continuously improving them to meet evolving security challenges.
What you’ll be doing
Building and optimizing our Google SOC, including SIEM and SOAR implementation (Google Chronicle)
Monitoring, analyzing, and escalating security alerts from our Google Chronicle SIEM
Developing, evolving, and enforcing security policies and incident response plans
Driving the creation of SIEM dashboards and enhancing monitoring and alerting capabilities
Managing and mitigating CVE vulnerabilities on our platforms and base images
Assisting with the implementation of security measures for both external and internal systems
Implementing and automating static code scanning processes to identify and remediate vulnerabilities early in the development lifecycle
Leading efforts in automated security scanning for continuous monitoring of code and infrastructure security
Participating in the on-call security response rotation to handle critical security incidents
Xem toàn bộ Mô Tả Công Việc
Yêu Cầu Công Việc
Requirements
Hands-on experience with SIEM (preferably Google Chronicle) and SOAR solutions
Strong knowledge of CVE management and experience with vulnerability mitigation
Solid understanding of cloud security (GCP and/or AWS)
Practical experience in developing and implementing security policies and incident response plans
Strong command of English (both written and spoken)
Ability to collaborate effectively with cross-functional teams
Experience with Linux systems (RedHat/CentOS) and using Jira for project management
Nice To Have
Knowledge of container security (Docker, Anchore)
Experience with OSSECC, Wazuh, Tenable.io, Burpsuite, Cloudsuite
Familiarity with Ansible, Opsgenie, and Prometheus
Experience with patch management solutions such as Katello/Satellite
A keen focus on real-world security issues and the ability to differentiate between buzz and practical security
Soft skills
Excellent communication-skills to work constructive and in cooperation with internal and external teams
Be assertive, knowledgeable and trustworthy
High degree of responsibility and autonomy
Xem toàn bộ Yêu Cầu Công Việc
Quyền Lợi
Office hours: 9:00 AM 🡪 12:00 PM, 1:00 PM 🡪 06:00 PM, off on Saturday and Sunday. Annual holidays leave will be following Vietnam law and as company regulations.
25 days of annual leave
Flexible working hours
Competitive remuneration package
13th salary
Social insurance, health insurance, and unemployment insurance will be under Labor Law.
Generous private medical health insurance for employees & family members
Dynamic, young & international environment
Team building activities & outing
Brand new & state-of-art Agile office
Opportunity for traveling & training in Europe
As a member of the Aurify team, you'll have the unique opportunity to work on projects that integrate state-of-the-art technologies with a customer-centric approach. You'll be at the forefront of implementing practices that ensure cost management and security compliance, all within a framework that values simplicity and smart solutions, echoing the mission of Unifiedpost. Join us in our journey to navigate the complexities of the cloud landscape together, providing peace of mind and empowering businesses to focus on their core activities with the assurance of performance, high availability and security excellence. About our clientOur client’s mission is to make business easy and smart by helping organisations build strong digital connections with their customers and suppliers. Their cloud-based open network of consumers and organisations - small or large, local or global - promotes collaboration, digital interactions, document exchanges, payments and cash flow optimisation. It also enables our client's partners to create additional data-driven services to help organisations grow. Our client’s trusted network equips every verified participant with the right tools to digitise and automate business processes including order-to-cash and procure-to-pay processes. Those tools range from smart mobile and web applications over software integrations all the way to fully documented APIs.Our client is gradually transforming into a more regulated company. As a result, all roles within any of the companies of our client’s Group are subject to some form of a background check. For most roles, this will involve a simple identity and degree verification. For other roles, it might be required to also verify your criminal record and employment history.