| Mô tả công việc
||Implementing IT Security:
1. Research/develop/implement technique security standards/guide aligned with international standards, policy requirements.
2. Research/develop & implement/control implement security solutions to protect services, data.
3. Implementing tasks from IT projects of the Bank, the security improvement projects.
Operating IT Security:
4. Manage and approve the configuration changes related to security.
5. Ensure new device/system apply security standards of bank and fixed vulnerabilities.
6. Operate and maintain security systems such as SIEM, IPS/IDS, DLP, and PIM…
7. implement Controls operation tasks related with security of other departments exp: Antivirus, update patch..
Technical vulnerabilities management:
8. Control Update information about new security vulnerabilities, virus/malwares, risks/threats daily, analyze and give recommendation to fix problems to all related departments.
9. Control Perform discovery vulnerabilities peodic for OS, APP, DB, networks and control fixed Plan (VA, Pentest, ASV, APT, segment test)
10. Control Manage and Remediation all vulnerabilities was detected with IT services
11. Motivate team members to work collaboratively and effectively. Mitigate team conflict and communication problems
12. Do others jobs assigned by Manager/Director
| Yêu cầu công việc
- Major in IT, Academy of Cryptography Techniques/University of Science and Technology or equivalent.
- Have at least 5 years of experiences in Information Security field, good knowledge about technologies about security such as IAM, Firewall, IDS/IPS, Filtering, DLP, SIEM, WAF, FIM, PIM, RMS, Vunerabilities management, Patch managent, endpoint protection, PKI..
- Have good knowleged for: network, OS, web/application, database and other product;
- Have good knowleged for system intergrate and architect.
Other requirements (If any):
- Well-trained about Redhat/CentOS, Debian, Unix, AIX; Windows Be able to use effectively exploit, testing, hacking tools. Good knowledge about attack/offence techniques;
- Good knowledge about international security standards, good oriented on technology, wide understanding about various technologies and services;
- Good knowledge about security frameworks: ISO 27001, PCI DSS, ITIL…