Job description
Job Purpose:
• To support and making sure business units meet local and group requirements under IT Security and Governance.
• Ensuring IT systems and applications within our organization meet the needs of the business while adhering to security best-practices, compliance and regulatory requirements.
• To work as part of an ongoing programme to improve the Information Security management and technical controls.
• To work on a range of vulnerability management, secure coding practices, data loss prevention, event monitoring and reporting..
• To maintain of the existing information security operational tasks
• Follow IT Security to execute internal penetration testing, vulnerability assessment and source code reviewing for internal app of banking.
Key Responsibilities:
• Assess controls for information in every form / all formats (e.g. electronic and physical).
• Recommend fixes for detected vulnerabilities to maintain a high-security standard.
• Coordinate to perform or oversee vulnerability and penetration testing.
• Document security breaches and assess the damage they cause.
• Research security enhancements and make recommendations to management.
• Stay up-to-date on information technology trends and security standards.
• Monitor the security effectiveness across the portfolio.
• Assist to develop and monitor reliable metrics for information security activities to identify trends and develop action plans to drive continuous improvements.
• Assist, when requested, in establishing information security requirements for all new features and services while assessing and driving security enhancements across existing solutions.
Your skills and experience
Job Specification *
• University degree in fields of Computer Science; Information System Engineer, Management Information System or equivalent required.
• CEH, Security+,
• CCNA Security
• Minimum 1 years working in IT Security fields
Required Competencies and Skills *
Technical/Functional skills
• Expirence with VAPT for Mobile Application, Networking….
• Any experience with SIEM tools such as GrayLog, ELK, Splunk, etc would be advantageous
• Understanding of patch management for servers and end units with knowledge of how patches are deployed and understanding the business impact
• Demonstrable experience with endpoint protection software and configurations
• Security Configuration of Windows, Linux, DBMS (MS SQL/MySQL).
• Network Security Devices (such as Cisco, Fortinet).
• Having good knowledge of OWASP Top 10 Security Web Vulnerabilities
• Familiar with programming languages such as: Bash shell, Python, Powershell… is a plus
Personal skills (Soft Competencies)
• Ability to multitask, proactive, build relationships and interact/network effectively with internal and external parties.
• Problem solving skills
• Flexible and team work
Why you'll love working here
- 13th month salary
- Year-end bonus based on performance rating
- Professional working environment
- Private insurance (Generali) for staff (included spouse and children)
- 15 Annual leave per year
CIMB Bank Vietnam
CIMB Bank Vietnam