IT Security Analyst

General description
Established in 2004 and licensed by the Vietnamese Government, Vietnam Australia International School (VAS) is a private school group with the national education system offering K-12 education programmes. At present, VAS is offering educational services to nearly 8,000 students from K through 12 at 6 campuses in Ho Chi Minh City.
About this job
The IT Security Analyst will be responsible for securing the XCL school's digital infrastructure, safeguarding sensitive parent, student and staff information, and mitigating cyber threats. This role ensures compliance with cybersecurity standards, manages network security, and enhances overall cybersecurity awareness within the institution.
Scope of the role
- Manage, monitor, and immediately and accurately alert and remediate IT security incidents.
- Cooperate with Procurement, Accounting, Finance team, and Suppliers for the IT Security control implementation projects, following the purchasing process and policy to ensure that the projects are finished on time.
- Regularly conduct security vulnerability, scanning and report the security findings to the management. Follow up to ensure the security findings are mitigated on time.
- Develop, review, and support the implementation of information security policies, standards, and procedures
- Complete other tasks assigned by Management on time.
Key Responsibilities
Security Solutions Implementation and Management
- Design, propose, and implement security solutions such as SIEM, SOAR and Vulnerabilities Management to enhance XCL 's cybersecurity posture.
- Support and manage security devices, including NGFW and WAF, ensuring the security of XCL IT systems and users
- Administer and optimize SIEM for security monitoring and incident detection.
- Configure and manage M365 security features, including Defender for Endpoint, Defender for Identity, and other M365 security components.
- Conduct Proof of Concept (PoC) evaluations for new security solutions and recommend improvements.
Security Policies, Procedures, and Compliance
- Develop, review, and support the implementation of information security policies, standards, and procedures.
Threat Monitoring and Incident Response
- Implement and oversee security monitoring systems to detect, analyze, and respond to security incidents.
- Investigate and mitigate security threats, unauthorized access attempts, and data leaks, ensuring timely incident resolution.
- Provide alerts and reports to relevant departments and management on security threats and incidents.
Vulnerability Management and Risk Assessment
- Conduct regular security vulnerability scanning of applications, servers, and network devices.
- Utilize vulnerability management tools to track, analyze, and remediate security gaps within XCL's IT infrastructure.
- Develop mitigation plans and collaborate with IT teams to address identified vulnerabilities within required timelines.
- Participate in security assessments and provide risk evaluation reports.
Collaboration with Schools Across Southeast Asia
- Support and coordinate IT security initiatives with schools in different Southeast Asian countries.
- Share best practices and ensure alignment in security policies and procedures across the region.
- Assist in regional security projects and compliance efforts.
Research and Innovation
- Research and test new security technologies and methodologies to enhance the company's cybersecurity framework.
- Stay updated with the latest security trends, threats, and regulatory requirements
Internal contacts
IT Team
Legal Team, Academic Team, Admission Team...
External contacts
Microsoft, other vendors
Additional duties
Perform other tasks as assigned by management.
The above Job Description and following Person Specification is a guide to the duties, professional responsibilities and core competences. It does not form part of the contract of employment.