Cyber Security Solution Engineer

Job description

As a part of the cybersecurity team, you will be asked to :

• Monitor the latest attack trends and market security threats to ensure we're ahead of any emerging risks; along with performing the occasional code reviews, you will look at both the overall roadmap and specifically focus on the security implications of the code.
• This could involve collaborating with developers to address any vulnerabilities.
• To help the overall business plan, KPIs and a technical "gap list" will be maintained for the products you will focus on.
• Participating in security audits and creating necessary reports are regular occurrences, helping us maintain compliance and identify potential weaknesses.
• Oversee penetration testing activities, working with other internal Red teams to identify and address system vulnerabilities.
• Training and knowledge sharing, either learning about new security technologies or educating colleagues on best practices.

Expanded Responsibilities:

• Secure cloud systems, addressing concerns with container and monolithic deployments in public clouds.
• Implementing US government standards, data impact assessments, and security controls (CJIS, SOC-2, ISO 27001, FedRamp, WCAG, and NIST 800-53).
• Support secure and efficient web applications, ensuring seamless REST-based interactions and an optimal user experience.
• Innovate with hybrid cloud-AI applications, leveraging AI and machine learning services.
• Software testing, bug tracking, and management of software deployment using Agile-related software tracking tools (Jira, Confluence, Testrails, OTRS, ServiceNow)
• Create and track metrics using Neculus, Google Sheets, and other related tools
• Work with incident response and security teams to implement processes and procedures in the event of an incident.

Your skills and experience

• Bachelor Degree in Science, Computer Science or related applied technology field.
• Fluent in verbal and written in English language
• 3 to 5 years of experience in cloud security or cloud infrastructure engineering
• Hands-on experience with Microsoft Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS).
• Strong understanding of cloud security concepts, such as identity and access management (IAM), network security, data encryption, and vulnerability management.
• Strong understanding of network protocols (TCP/IP, SSH, UDP, IPv4, IPv6, DNS, SMTP, SFTP, DHCP, VPN, IPSec).
• Experience with Infrastructure as Code (IaC), as a concept
• Ability to solve problems independently and collaboratively in a dynamic, fast-paced environment.
• Strong communication skills, capable of conveying technical concepts to a diverse audience.
• Understanding of and the differences between static and dynamic analysis tools

Preferred Qualifications:

• Additional experience with Azure, GCP, and AWS is beneficial.
• Experience with OWASP ZAP, Mend, GitHub CodeQL, Nucleus, SonarQube
• Understanding of cloud architecture, microservices, and serverless computing.
• Proficiency in database design and management for both SQL and NoSQL databases.
• In-depth knowledge of modern authentication protocols like OAuth, OpenID Connect, SAML 2.0, FIDO2, and JWT.
• Experience with GitHub Workflows to deploy IaC
• Knowledge of security best practices related to ciphers, key management, and security protocols, and experience working with Red/Blue security teams to improve security posture.
• Experience with observability and metrics, including Prometheus, New Relic, Kirbana, SIEM’s, and Grafana.
• Knowledge of compliance frameworks, CJIS, FedRAMP, NIST 800-53
• Any relevant certifications is a plus

Why you'll love working here

• Compensation & bonus: 13th & 14th salary, AIP bonus, Holidays, Tet, and Long year service …
• Social insurance, Health insurance, Unemployment insurance: by Social Insurance and Labor Law
• The regime of annual leave, company trip, and checkup examination
• Award for marriage, newborn
• We have AON insurance package for employee, spouse, and children every year
• You will be trained, learned & work with the best technical managers who help you improve various dev skills & career path
• You’ll love working in our dynamic environment employees, young & active
• We love sport activities, as marathon, football, swimming,...
• Working time: From Monday to Friday | 08:30-12:00 & 13:00-17.30