Senior Security Engineer

Top 3 reasons to join us

• We build a professional & fun working environment.
• We focus on your growth, yes the long-term growth.
• We develop the future-ready digital bank platform.

Job description

Role Summary

In this role, you will make significant contributions to building secure and modern cloud solutions. You will be part of a team responsible for designing and implementing security measures to protect cloud environments, assessing potential vulnerabilities, and ensuring compliance with security standards.

Key Responsibilities

• Perform cloud security assessments and implement security best practices based on standards like ISO 27001, CIS, and ICS controls.
• Design and implement security measures for cloud environments, including AWS Inspector, AWS GuardDuty, Security Hub, VPC, WAF, and Trusted Advisor.
• Utilize Infrastructure as Code (IaC) technologies to automate security infrastructure deployment.
• Manage application security, following OWASP 10 and SANS 25 guidelines, and perform SAST, DAST, and SCA.
• Conduct threat modeling, vulnerability management, and penetration testing for cloud infrastructure and applications.
• Implement data governance processes, encryption mechanisms, and ID & Access Management (IAM).
• Develop processes for incident and change management, business continuity planning, and capacity management.
• Monitor and analyze logs for security insights and ensure compliance with DLP processes.
• Collaborate with DevOps/DevSecOps teams to enhance security automation and adopt secure coding practices.

Your skills and experience

• Bachelor’s degree in Information Systems, Information Technology, Computer Science, or similar.
• 5-7 years of experience in cloud security engineering.
• Strong knowledge of cloud architecture, cloud services, and security frameworks.
• Proficiency in Infrastructure as Code (IaC) tools like Terraform and cloud platforms like AWS.
• Experience in application security, vulnerability management, and penetration testing.
• Familiarity with log monitoring services and incident management processes.
• Recommended certifications: CCSK, CCAK, CCSP, AWS Security Specialty.

Why you'll love working here

HR benefits

• Competitive salary
• Salary band per level are reviewed once per year
• 13th month salary pro rata depending on the employee’s length of service (within a calender year), paid with the December salary
• Monthly lunch allowance: 700,000 VND/employee
• Parking: GFT covers the monthly parking fee for employee motorbikes
• Performance evaluation is once per year, for 2 purposes:
     > Performance bonus   > Salary increments

Health care

• Private health insurance: including accident, outpatient, in-patient, maternity, and dental for all permanent employees who pass 2-month probation.
• Optical: expense claim for eyewear
• Annual health check-ups.

Vacation

• Maximum 18-day vacation leave/year (with the ability to carry over 05 days till 31st March of the following year)
• Adding one more annual leave day for each two-year anniversary.

Healthy lifestyle

• Sports and hobby clubs: company has an annual fund for fitness activities, which is allocated per month as team’s vote.
• Range of healthy snacks, tea, coffee, milk and beer on tap

Social

• Company townhall: each 6 weeks
• CSR activities: as per company’s CSR guideline
• Onsite tour/training courses at other GFT offices and client’s destination overseas (where applicable).