Expired
Job description
- Develop a complete understanding of a company’s technology and information systems
- Design, build, implement and support enterprise-class security systems
- Align organizational security strategy and infrastructure with overall business and technology strategy
- Identify and communicate current and emerging security threats
- Design security architecture elements to mitigate threats as they emerge
- Plan, research and design robust security architectures for any IT project
- Perform or supervise vulnerability testing, risk analyses and security assessments
- Create solutions that balance business requirements with information and cybersecurity requirements
- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
- Review and approve installation of firewall, VPN, routers, IDS scanning technologies and servers
- Test security systems to ensure they behave as expected
- Use current programming language and technologies to writes code, complete programming and performs testing and debugging of applications
- Provide supervision and guidance to a security team
- Define, implement and maintain corporate security policies and procedures
- Train users in implementation or conversion of systems
- Respond immediately to security-related incidents and provide thorough remedial solutions and analysis
- Regularly communicate vital information, security needs and priorities to upper management
- Work as part of a team of software and security engineers, with a high degree of freedom to design and build best-in-class offerings
- Point of contact for product teams as it relates to automation, CI/CD, and DevOps and/or DevSecOps
- Build tools and automation scripts that enable developers to easily consume security services delivered by the AppSec team
- Design and test solutions to unique and interesting challenges
- Investigate security breaches and other cyber security incidents.
- Document security breaches and assess the damage they cause.
- Recommend remediation for security breaches.
- To identify and eliminate manual processes using automation for areas involving information security.
- Seeking to build in security during the development stages of software systems, networks and data centres.
- Looking for vulnerabilities and risks in hardware and software.
- Finding the best way to secure the IT Infrastructure of an organization.
- Building firewalls into network infrastructures.
- Constantly monitoring for attacks and intrusions.
- When the cybersecurity specialist finds a potential threat or attempted breach, closing off the security vulnerability.
- Identifying the perpetrator and liasing with the police if necessary
Your skills and experience
Qualifications
(Basic Degree/Diploma etc)
- University degree in fields of Computer Science; Information System Engineer, Management Information System or equivalent required.
- CCSP, Security+, CKS (Certified Kubernetes Security), ITIL.
- Recognised certifications for industry accpeted IT governance standards such as ITIL is an advantage.
- Minimum 5 years working in IT fields with at least 3 year from Information Security.
Technical/Functional skills
- Experience with infrastructure vulnerability and penetration testing and techniques.
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management for servers and end units with knowledge of how patches are deployed and understanding the business impact
- Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies
- Security Configuration of Windows, Linux, DBMS (MS SQL/MySQL).
- Good technical understanding of enterprise IT; web applications, databases, operating systems, server/desktop hardware, mobile devices and networking technologies.
- Good knowledge of information security controls, guidelines and standards, ISO, NIST, OWASP
- Familiar with regulatory guidelines such as SBV’s Circular 09, Circular 20.
Personal skills (Soft Competencies [Core/Leadership])
- Ability to multitask, proactive, build relationships and interact/network effectively with internal and external parties.
- Problem solving skills
- Flexible and team work
Why you'll love working here
- 13th month salary
- Year-end bonus based on performance rating
- Professional working environment
- Private insurance (Generali) for staff (included spouse and children)
- 18 Annual leave per year
CIMB Bank Vietnam
View company
CIMB Bank Vietnam
Company type
IT Product
Company size
51-150
employees
Country
Vietnam
Working days
Monday - Friday
Overtime policy
No OT
More jobs for you
Get similar jobs by email
Posted
22 days ago
[Work in Philippines] DevOps Engineer (Linux, Python)
At office
Ho Chi Minh - Ha Noi - Da Nang
SUPER HOT
Posted
3 days ago
Cloud DevOps Engineer (AWS/Azure System Admin, English)
At office
Ho Chi Minh