CyberSecurity Manager (Linux, DevOps)

CIMB Bank Vietnam
Viettel Complex Building – 285 Cach Mang Thang Tam, District 10, HCM., District 10, Ho Chi Minh
19 days ago

Job Description

  • Develop a complete understanding of a company’s technology and information systems
  • Design, build, implement and support enterprise-class security systems
  • Align organizational security strategy and infrastructure with overall business and technology strategy
  • Identify and communicate current and emerging security threats
  • Design security architecture elements to mitigate threats as they emerge
  • Plan, research and design robust security architectures for any IT project
  • Perform or supervise vulnerability testing, risk analyses and security assessments
  • Create solutions that balance business requirements with information and cybersecurity requirements
  • Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
  • Review and approve installation of firewall, VPN, routers, IDS scanning technologies and servers
  • Test security systems to ensure they behave as expected
  • Use current programming language and technologies to writes code, complete programming and performs testing and debugging of applications
  • Provide supervision and guidance to a security team
  • Define, implement and maintain corporate security policies and procedures
  • Train users in implementation or conversion of systems
  • Respond immediately to security-related incidents and provide thorough remedial solutions and analysis
  • Regularly communicate vital information, security needs and priorities to upper management
  • Work as part of a team of software and security engineers, with a high degree of freedom to design and build best-in-class offerings
  • Point of contact for product teams as it relates to automation, CI/CD, and DevOps and/or DevSecOps
  • Build tools and automation scripts that enable developers to easily consume security services delivered by the AppSec team
  • Design and test solutions to unique and interesting challenges
  • Investigate security breaches and other cyber security incidents.
  • Document security breaches and assess the damage they cause.
  • Recommend remediation for security breaches.
  • To identify and eliminate manual processes using automation for areas involving information security.
  • Seeking to build in security during the development stages of software systems, networks and data centres.
  • Looking for vulnerabilities and risks in hardware and software.
  • Finding the best way to secure the IT Infrastructure of an organization.
  • Building firewalls into network infrastructures.
  • Constantly monitoring for attacks and intrusions.
  • When the cybersecurity specialist finds a potential threat or attempted breach, closing off the security vulnerability.
  • Identifying the perpetrator and liasing with the police if necessary

Your Skills and Experience

Qualifications

(Basic Degree/Diploma etc)

 

  • University degree in fields of Computer Science;  Information System Engineer, Management Information System or equivalent required.
Professional Qualification and/or Regulatory, Licensing requirements 
  • CCSP, Security+, CKS (Certified Kubernetes Security), ITIL.
  • Recognised certifications for industry accpeted IT governance standards such as ITIL is an advantage.
Relevant Work Experience
  • Minimum 5 years working in IT fields with at least 3 year from Information Security.

Technical/Functional skills

  • Experience with infrastructure vulnerability and penetration testing and techniques.
  • Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
  • Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
  • Understanding of patch management for servers and end units with knowledge of how patches are deployed and understanding the business impact
  • Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies
  • Security Configuration of Windows, Linux, DBMS (MS SQL/MySQL).
  • Good technical understanding of enterprise IT; web applications, databases, operating systems, server/desktop hardware, mobile devices and networking technologies.
  • Good knowledge of information security controls, guidelines and standards, ISO, NIST, OWASP
  • Familiar with regulatory guidelines such as SBV’s Circular 09, Circular 20.

Personal skills (Soft Competencies [Core/Leadership])

  • Ability to multitask, proactive, build relationships and interact/network effectively with internal and external parties.
  • Problem solving skills
  • Flexible and team work

Why You'll Love Working Here

  • 13th month salary
  • Year-end bonus based on performance rating
  • Professional working environment
  • Private insurance (Generali) for staff (included spouse and children)
  • 18 Annual leave per year


 

CIMB Bank Vietnam