IT Security Application Team Leader

IT Security Engineering & Development
- Lead complex incident response operations and post- incident analysis.
- Research and design security solutions covering network, application, endpoint, and data security.
- Propose strategic and operational plans for secure system development.
- Support strategic planning and execution of the bank’s information security roadmap.
- Advise on the design and implementation of cross- domain security solutions.
- Conduct cybersecurity research to anticipate threats and inform architecture design.
- Perform security risk modeling and source code reviews.
- Collaborate with monitoring and incident response teams to address attack events.
- Assess emerging vulnerabilities and implement proactive defenses.
- Develop secure programming standards based on CWE/SANS Top 25, OWASP.
IT Security Implementation
- Develop and execute security assessments for IT projects and systems.
- Conduct vulnerability assessments and penetration testing (Vulnerability Assessment & Penetration Testing) on:
- Server systems (Windows, Linux), databases, network infrastructure, and cloud environments.
- Review and optimize security configurations on servers, network devices, security appliances, and storage systems.
- Web applications, Mobile applications (iOS & Android), API, Winform.
IT Security Operations
- Collaborate with relevant departments to implement security measures such as patch management, antivirus management, and endpoint protection.
- Operate and maintain critical security systems such as SIEM, IPS/IDS, DLP, PIM.
- Update and manage security vulnerabilities in IT systems, develop and implement remediation plans.
- Maintain and ensure compliance with PCI DSS certification and NHNN security standards.
Vulnerability Management
- Continuously update and monitor security vulnerabilities, malware threats, and risks; analyze and provide recommendations for remediation.
- Conduct regular security assessments (VA, Pentest, ASV, APT, segment test) for operating systems, applications, databases, and networks.
- Manage, monitor, and ensure remediation of all detected security vulnerabilities in IT services.
Other Responsibilities
- Support cross- functional tech projects.
- Perform other tasks as assigned by management.
- Assist in career development planning within the security function.
- Conduct training and mentoring programs to build internal capabilities.

Experience:
Minimum of 2- 5 years of experience in IT security, including security testing for web applications, mobile applications, server systems, and network devices.
Preferred Qualifications:
Security certifications such as GPEN, LPT, CEH, OSCP, or equivalent penetration testing certifications.Candidates with CVEs or contributions to cybersecurity projects are highly preferred.

Education
- Bachelor&039;s degree in Information Security, Cybersecurity, Cryptography, IT, Telecommunications, Computer Science, or related fields.
Technical Knowledge
- Strong knowledge of networking, security, server operating systems, Middleware, and databases.
- Proficiency in at least one programming language (PHP, Python, C/C++, Java) and understanding of Software- Development Life Cycle (SDLC).

Experience in:
- Security standards such as PCI DSS, OWASP, and cybersecurity attack techniques.
- Reviewing security requirements in BRD and business processes before system development.
- Identifying and assessing vulnerabilities in IT systems.
- Security testing for Web, API, Mobile, Winform Applications, Network, Infrastructure, and OS.

IT Proficiency
- Proficient in security testing tools, including:
- Information gathering, vulnerability scanning, and security exploitation tools.

Skills
- Strong documentation and report writing skills.
- Analytical and problem- solving abilities.
- Effective communication and presentation skills.
- Risk management skills.

Chế độ bảo hiểm, Du Lịch, Phụ cấp, Đồng phục, Chế độ thưởng, Chăm sóc sức khỏe, Đào tạo, Tăng lương, Công tác phí, Phụ cấp thâm niên, Nghỉ phép năm, CLB thể thao

Cập nhật gần nhất lúc: 2025-09-13 03:45:02