Mô tả công việc
A. Job Objectives
Participate in the implementation, operation, and control of application and data-related security activities to ensure compliance with internal regulations and legal requirements, and to minimize the risk of data leaks and security vulnerabilities.
B. Main Responsibilities
1. Information Security Assessment
• Conduct security assessments for information systems according to plan
• Review security configurations and access control
• Monitor vulnerability remediation and non-compliance issues
2. Application Security
• Participate in the security process in the SDLC: Review security requirements, support secure coding, perform SAST/DAST/SCA testing, conduct pre-golive information security assessments, coordinate with Dev, QA, and Infrastructure to address vulnerabilities
• Manage the operation of application security systems: Mobile Security, SAST, DAST
3. DLP System Operation
• Monitor alerts and handle DLP events
• Refine rules/policies
• Analyze data leakage cases
• Prepare periodic reports
• Data Classification & Protection: Participate in building and implementing data classification, label data according to regulations, propose appropriate protection measures for each classification level Type
4. Database Security
• Monitoring and operating the Database Firewall/DAM system
• Tracking unusual database access
• Reviewing database access rights
5. Reporting & Compliance
• Preparing periodic or ad-hoc operational reports as required.
• Assisting in providing documentation for audits/inspectors.
Yêu cầu
- Bachelor's degree in IT or related fields, with >2 years of experience in security, preferably candidates with experience in similar fields (Application Security, DLP, Database Security)
- Language: Conversational English, ability to read and understand technical documents.
- Basic knowledge of:
• Operating systems, networks, TCP/IP, network security systems, intrusion detection and prevention systems, and systems related to information security.
• Application Security: OWASP Top 10, Secure SDLC, Security Testing (SAST/DAST is an advantage)
• Data Protection: Data classification, Data Loss Prevention (DLP), Data access control
• Databases: Popular database management systems (Oracle / SQL Server / MySQL...), Concepts of permissions and database audit
• Certifications: Candidates with the following certifications are preferred: CEH, CompTIA Security+/Pentest+, eJPT / PNPT, OSCP, CSSLP...
Quyền lợi
Thưởng
Performance Bonus
Chăm sóc sức khoẻ
Annual Health Check-Up
Đào tạo
Internal and External Training
Thông tin khác
NGÀY ĐĂNG
[protected info]
CẤP BẬC
Nhân viên
NGÀNH NGHỀ
Công Nghệ Thông Tin/Viễn Thông > System/Cloud/DevOps Engineer
KỸ NĂNG
Application Security Assessment
LĨNH VỰC
Phần Mềm CNTT/Dịch vụ Phần mềm
NGÔN NGỮ TRÌNH BÀY HỒ SƠ
Tiếng Anh
SỐ NĂM KINH NGHIỆM TỐI THIỂU
2
QUỐC TỊCH
Người Việt Nam
Xem thêm
Thông tin chung
- Thu nhập: $ 800-1,100 /tháng
Nơi làm việc
- 97A Nguyen Van Troi St., Phu Nhuan Ward, HCMC