Cybersecurity Engineer (Security/API/Networking)

Security Monitoring & Operations
Continuously monitor systems through IDS/IPS, SIEM, and other security tools.
Detect and respond to security incidents: malware, brute force attacks, DDoS, phishing, web attacks, and transaction anomalies.
Manage, configure, and upgrade security and network devices, including NGFW firewalls, VPN, switches, and anti-DDoS systems.
Monitor security for trading systems (OMS/Trading Core), partner API connections, online trading platforms, and mobile applications.
Risk Assessment & Control
Conduct security risk assessments for new systems and IT projects.
Coordinate with external vendors to perform penetration testing and vulnerability assessments.
Track, analyze, and remediate vulnerabilities (CVE, Zero-day).
Review and assess cloud infrastructure security.
Regulatory Compliance & Audit
Ensure compliance with regulations, including Circular 13/2022/TT-BTC and requirements from SSC, Stock Exchanges, and VSD.
Maintain alignment with standards such as ISO 27001 and SOC 2.
Develop and update Information Security (IS) procedures: access management, risk management, incident response, backup, and disaster recovery.
Access & Privilege Management
Manage system access rights across the domain, CRM, email, databases, and trading systems.
Perform periodic access reviews and user attestation.
Implement and manage MFA and privileged account management (PAM).
Incident Response
Execute incident response procedures and conduct root cause analysis (RCA).
Report incidents to SSC/HOSE/VSD when trading activities are affected.
Security Awareness
Conduct internal security awareness training on anti-phishing, email safety, and risk identification.