Đăng nhập
Đăng ký
Mô Tả Công Việc
AppSecEngineering:
Vulnerability assessment and penetration testing program and responsible for the design and performance of application security robustness tests :
- Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems, wired and wireless networks, and mobile applications/devices
- Develop and maintain security testing plans
- Automate penetration and other security testing on networks, systems and applications
- Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
- Produce actionable, threat-based, reports on security testing results
- Act as a source of direction, training, and guidance for less experienced staff
- Mentor and coach other IT security staff to provide guidance and expertise in their growth
- Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation
- Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators
- Deliver the annual penetration testing schedule and conducting awareness campaigns to ensure proper budgeting by business lines for annual tests
- Foster and maintain relationships with key stakeholders and business partners
InfraSecEngineering/ SystemSecEngineering:
Cybersecurity risk and compliance framework and management:
- Identify, highlight and remediate information security risk in the Bank
Policy, Standards and Processes:
- Comply with the Bank’s Information Security Policy, Regulations, Standards, and Process
- Provide feedback to enhance the current policies, regulations, standards and processes where necessary
- Communicate and ensure all staff understands and comply with the Information Security Policy, Regulations, Standards and Processses
Operations, Reporting and Administration
- Ensure that the Information Security Strategy and Plans are implemented as planned.
- Ensure that Information Security process are followed diligently. This may include Risks Management, Operating Security Services/Tools to support the Information Security Program of the Bank.
- Control approve the request/changes related to security, control activities of IT security: implementing, operating, vulnerabilities management
- Contribute to the IT Security Dash Board for Management
- Work with both internal/external audit during audit programs
- Training IT security awareness
- Collect, analyze and produce report for IT Security every month
Yêu Cầu Công Việc
Education:
- Bachelor's or Technical Degree Required (IT, Cryptography, computer science, information systems, business administration or other industry-related curriculum)
Experience:
- 3+ years or more of working experience in IT security banking, good knowledge international IT security standards (ISO 270001, PCI-DSS,…), ITIL
- Have good knowledge about: network security, system security, application security and virus/malwares, secure coding
- Expert with architect, security technology, integration
- Have good knowledge with pen test with OWSAP Standard and ability discovery & exploit vulnerabilities, cyber attack
- Good using some tools for hacking: VA, APPScan, Metaexploit, kalilinux
- Experienced in implementing ISO27000/PCI-DSS is preferred
Have good knowledge with secure coding with some languages: Python, Shell, PHP and have good knowledge with encryption, cryptography techniques
- Stakeholder expectation management
- People Management
- Risk Management
- Budget Management
Skills:
- Have ability to read and understand the professional documents in English.
- Strong interpersonal and communication skill
- Be able to catch up and manage works quickly and effectively
- Be able to work independently with high pressure, good in teamwork
- Careful, responsible, and secure in protecting information/data belong to Bank
- Good knowledge of risk management principles, methodology and practice
Hình thức
Quyền Lợi
See yourselves in a new light
In essence of joining our company, you will be given the scope to seize every opportunity and helped to acquire specific competencies you’ll need to succeed either you wish to go wide or go deep. Our company prides ourselves on our underpinned principle of nurturing people in not only HR policies but also in our culture. We value innovations and we need people to work on initiatives and carry on our business vision of operating excellence and market leadership.
Alongside with these, we believe our staff members deserve a good working condition, so that in addition to social health insurance you will be accessible to health and accident insurance and will be eligible to join in team building every year. We also value your efforts; for this reason, we give you both financial and non-financial rewards such as: KPI bonus, Best Initiatives, Best performer or Best manager of the year, etc.
Company's Benefits
- Financial support:
- Probation with full salary
- Lunch allowance
- Wedding support
- Family funeral support
- 13th month salary + KPIs bonus
- Performance rewards and awards
- Healthcare Insurance
- Events and activities:
- Christmas
- Year End party
- Team Building
- Family Day
- Sport Day
