Job Objectives
Participate in the implementation, operation, and control of application and data-related security activities to ensure compliance with internal regulations and legal requirements, and to minimize the risk of data leaks and security vulnerabilities.
Main Responsibilities
Information Security Assessment
• Monitor vulnerability remediation and non-compliance issues
• Review security configurations and access control
• Conduct security assessments for information systems according to plan
Application Security
• Participate in the security process in the SDLC: Review security requirements, support secure coding, perform SAST/DAST/SCA testing, conduct pre-go-live information security assessments, coordinate with Dev, QA, and Infrastructure to address vulnerabilities
• Manage the operation of application security systems: Mobile Security, SAST, DAST
DLP System Operation
• Refine rules/policies
• Monitor alerts and handle DLP events
• Data Classification & Protection: Participate in building and implementing data classification, label data according to regulations, propose appropriate protection measures for each classification level
• Prepare periodic reports
• Analyze data leakage cases
Database Security
• Reviewing database access rights
• Monitoring and operating the Database Firewall/DAM system
• Tracking unusual database access
Reporting & Compliance
• Preparing periodic or ad-hoc operational reports as required.
• Assisting in providing documentation for audits/inspectors.
- Language: Conversational English, ability to read and understand technical documents.
- Bachelor's degree in IT or related fields, with >2 years of experience in security, preferably candidates with experience in similar fields (Application Security, DLP, Database Security)
- Basic knowledge of:
• Databases: Popular database management systems (Oracle / SQL Server / MySQL…), Concepts of permissions and database audit
• Application Security: OWASP Top 10, Secure SDLC, Security Testing (SAST/DAST is an advantage)
• Data Protection: Data classification, Data Loss Prevention (DLP), Data access control
• Operating systems, networks, TCP/IP, network security systems, intrusion detection and prevention systems, and systems related to information security.
• Certifications: Candidates with the following certifications are preferred: CEH, CompTIA Security+/Pentest+, eJPT / PNPT, OSCP, CSSLP…
Industry: IT - Software
Location: Hồ Chí Minh
Employment type: Permanent employee
Experience: 2 years
Level: Staff