IT Security Operations (SecOps) Manager

Ngân Hàng Á Châu | ACB
Expired
442 Nguyễn Thị Minh Khai, District 3, Ho Chi Minh
At office

Top 3 reasons to join us

  • 13 Monthly Base Salary
  • Training
  • Recognition

Job description

We are looking for a Senior Security Operation Manager who can deliver and maintain sound security operations and incident response teams to rapidly fight cyber criminals who are looking to attack us. A strong technical background, such as prior cybersecurity experience, is a requirement for this position. The right candidate must thrive in high-pressure situations, think like both an attacker and a defender, and drive security teams to take the right actions in the right time frames to mitigate risks.

You will join a dynamic and fast-paced environment and work with cross-functional teams to design, build and roll out products that deliver the company’s vision and strategy.

Responsibilities: 

  • Lead and develop our ACB Cybersecurity Blue Team.
  • Monitor, manage, and secure ACB’s systems, networks, and applications.
  • Tune rules, filters and policies for detection-related security technologies to improve accuracy and visibility.
  • Recommend how to optimize security monitoring tools based on threat hunting discoveries.
  • Review asset discovery and vulnerability management data. Explore ways to identify stealthy threats that may have found their way inside the network using the latest threat intelligence.
  • Manage and develop a multi-vendor / consultant network as well as leverage existing cybersecurity solutions to ensure appropriate solutions are in place.
  • Identify, track and investigate high priority threat campaigns and malicious actors
  • Escalate incidents, when necessary, based on ACB’s processes
  • Supervise the activity of the ACB Cybersecurity Blue Team. Recruit, hire, train, and assess the staff.
  • Manage the escalation process and review incident reports.
  • Measure our SOC performance metrics and communicate the value of security operations to business leaders.
  • Confidently and intelligently respond to security incidents, and programmatically prevent the same type of incidents from occurring in the future.
  • Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
  • Evaluate the impact to our organization of current security trends, advisories, publications, and academic research.
  • Cultivate and maintain effective relationships with relevant external entities, such as government and law enforcement agencies, regulatory agencies, and private sector counterparts.
  • Work effectively with site leadership and other stakeholders such as the Engineering Team, Finance, IT, OP, and Legal to address security requirements and any potential concerns.
  • Assist the IT, OP and Engineering teams with security systems technology integration, design, and implementation.
  • Partner with the internal Risk Steering Committee to enhance programs supporting our operations.

Your skills and experience

Requirements: 

  • 8+ years of experience in Security Operations, Threat Hunting or Incident Response required
  • 3+ years of experience in managing people and setting objectives and KPIs with deadlines for them.
  • Ability to communicate effectively across all levels of our organization
  • Strong understanding of cyber threats, risk management and information security in the domains of TTPs, threat actors, campaigns, observables and mitigation.
  • Strong experience in Incident response, running SOC and standing up security operations architecture for visibility, detection, containment and mitigation controls.
  • Has working experience with enterprise Security Information and Event Management (SIEM) tools and Log Management tools. Preferably, the candidate has basic knowledge and experience in Use Case Management.
  • Has working experience with Endpoint Detection and Response (EDR) tools.
  • Has fundamental knowledge of and experience in host and network forensics.
  • Has basic knowledge of security technologies, such as Firewalls, Secure Web and Email Gateways, Intrusion Detection and Prevention Systems (IDPS), Application Control, Sandboxing, etc.
  • Security Orchestration, Automation and Response (SOAR) solutions.
  • This can be a stressful, pressure-packed job. We need you to be flexible, adaptable and down-to-earth and an expert in multi-tasking.
  • Strong problem-solving skills and willingness to roll up one’s sleeves to get the job done.

Desired: 

  • GIAC Certificates, OSCP, OSCE a plus.
  • Startup experience a plus.
  • Has a high degree of curiosity, especially with regard to incident investigation and response. The candidate is not quick to make assumptions, but rather looks deep and analyses extensively in order to find hidden connections.
  • Thinks and acts creatively and is not restricted to standard solutions.
  • Is a good team player who enjoys working and exchanging knowledge and information. In addition, the candidate must be willing and capable of working for extended hours alone, during night shifts.
  • Has a critical mindset, speaks up, and challenges processes, ideas, etc., with the intention of improving the work and the team.
  • Constantly works on improving knowledge on cyber security and other business fields.
  • Knowledge of penetration testing, red teaming, and threat hunting will be an advantage.
  • Understanding of MITRE ATT&CK and the Cyber Kill Chain will be an advantage.
  • Experience with Endpoint Detection and Response (e.g. GRR, osquery, sysmon), YARA rules, and Volatility will be an advantage.
  • Knowledge of compliance requirements such as SBV and PCI DSS is advantageous.
  • Strong knowledge of scripting (Python, Go, PowerShell) will be an advantage.
  • Work experience within a multicultural environment would be beneficial

Why you'll love working here

Join Hands with ACB

  • You gain 10,000 colleagues at 365 units across the country.
  • You share common interests with a friendly community that respects people.
  • You gain access to the latest knowledge and skills through modern training methods.
  • You take charge of your career path in an ever-moving, challenging environment.
  • Your benefits and compensation are guaranteed.
  • You fulfil your responsibility to the community through meaningful volunteer activities.

And If You Are One of ACB's Talents

  • We create the conditions for you to proactively seize fair and rapid opportunities for advancement.
  • You are included in succession planning, coached, and trained to meet medium- and long-term resourcing needs and to be capable of succeeding into future roles.
  • Your contributions are evaluated, recognized, and rewarded appropriately.

Asia Commercial Bank (ACB)

Company type: IT Product
Company size: 1000+ employees
Country: Vietnam
Working days: Monday - Friday
Overtime policy: No OT