Information Security Expert ( HN/HCM) - TA144

Vulnerability assessment and penetration testing program and responsible for the design and performance of application security robustness tests.

Security controls end to end for projects/CR make sure new services & system is safe before golive
Develop/implement/trainning/apply security by design framework to Bank
Research/develop new security standards/technique guidle and apply to bank
Operate security technologies, control security changes/ensuring the safety of information technology systems
Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation
Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators
Trial attacks & incident response
Supporting Vendor Security activities to ensure 3rd‐party software and development meets Bank security standards.
Operate a hands- on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems, wired and wireless networks, and mobile applications/devices
Deliver the annual penetration testing schedule and conducting awareness campaigns to ensure proper budgeting by business lines for annual tests
Automate penetration and other security testing on networks, systems and applications
Continuously improve security controls in the software development process

Implement security program to security development

Consulting for the project to resolve arising problems, beyond the technical scope
Participation with key technicque in security projects, security solutions requires a very high of expertise skill

Develop/implement/apply security by design to Projects

Develop/implement/trainning/apply security by design framework to Bank
Supporting Vendor Security activities to ensure 3rd‐party software and development meets Bank security standards.
Security controls end to end for projects/CR make sure new services & system is safe before golive

Trình độ đào tạo
Bachelor&039;s or Technical Degree Required (IT, Cryptography, computer science, information systems, business administration or other industry- related curriculum)
Kiến thức/ Chuyên môn cần có
5 years or more of working experience in IT security banking, good knowledge international IT security standards (ISO 270001, PCI- DSS,…), ITIL

Have good knowledge about: network security, system security, application security and virus/malwares, secure coding, cloud, devsecops
Have good knowledge with pen test with OWSAP Standard and ability discovery & exploit vulnerabilities, cyber attack
Have good knowledge with secure coding with some languages: Python, Shell, PHP and have good knowledge with encryption, cryptography techniques
Experienced in implementing ISO27000/PCI- DSS is preferred
Good using some tools for hacking: VA, APPScan, Metaexploit, kalilinux
Expert with architect, security technology, integration

Các kỹ năng/
Skills cần có

Have ability to read and understand the professional documents in English.
Strong interpersonal and communication skill
Be able to catch up and manage works quickly and effectively
Preferred Fluent in English
Be able to work independently with high pressure, good in teamwork
Good knowledge of risk management principles, methodology and practice
Careful, responsible, and secure in protecting information/data belong to Bank

Các kinh nghiệm liên quan/
Relevant Experience

Budget Management / Quản lý ngân sách
Stakeholder expectation management / Quản lý kỳ vọng của các bên liên quan, các bên thụ hưởng..
People Management / Quản lý con người, nhân sự.
Risk Management / Quản lý rủi ro

Các năng lực liên quan khác

Implementation and Deliver ability / Năng lực thực hiện và chuyển giao.
Management, Leading ability / Năng lực quản lý và khả năng lãnh đạo.
Strong Logical Thinker and Planner

Cập nhật gần nhất lúc: 2024-04-03 12:13:31