IT Manager
Job Description
Security Operations & Monitoring (Core Responsibility)
+Lead and operate the SOC function using:
- Microsoft Sentinel and/or Splunk as SIEM
- Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, Office 365)
+Integrate and operate monitoring from:
- Grafana & Prometheus for infrastructure and service telemetry
- Infrastructure, cloud workloads, applications, and endpoints
+Define and maintain:
- SOC runbooks and incident playbooks
- Alert triage, escalation, and response workflows
+Ensure effective correlation between:
- Infrastructure metrics
- Security logs
- Application-level signals
Incident Response & Threat Handling
+Act as incident owner and commander for security incidents.
+Manage response to:
- Endpoint compromise
- Data leakage and insider threats
- Identity-based attacks (AAD / Entra ID)
- Cloud misconfiguration incidents
+Coordinate with:
- External vendors or MSSPs (if applicable)
- Infrastructure / Cloud / DevOps teams
+Lead post-incident RCA, lessons learned, and preventive action tracking.
Asset Management & Security Ticket Operations
+Own security-related asset inventory, including:
- End-user devices (managed via Microsoft Intune)
- Servers, VMs, cloud resources, and network devices
+Ensure asset lifecycle alignment with:
- Security classification
- Risk ownership
- ISO asset management controls
+Operate and govern:
- SLAs, escalation rules, and closure quality
- Security ticket queue (incident, vulnerability, audit findings)
+Integrate SOC alerts with:
- ITSM / ticketing systems (e.g., Jira, ServiceNow, Azure DevOps)
Vulnerability Management
+Own the vulnerability management lifecycle, including:
- Discovery, prioritization, remediation, and verification
+Operate vulnerability scanning tools across:
- Applications
- Endpoints
- Servers
- Cloud workloads
+Collaborate with DevOps teams using:
- SonarQube for code-level security and technical debt
- CI/CD pipelines to shift security left
+Track and report:
- Vulnerability aging
- Risk acceptance
- Remediation effectiveness
Endpoint, Identity & Zero Trust Security
+Enforce endpoint security using:
- Microsoft Intune (compliance, device health, conditional access)
- Microsoft Defender for Endpoint
+Oversee:
- MFA, Conditional Access, Privileged Identity Management (PIM)
- Identity & Access Management (Microsoft Entra ID)
+Align security operations with Zero Trust principles.
Cloud & Hybrid Security Operations
+Govern security posture for:
- Azure (primary)
- AWS / GCP (if applicable)
+Use Defender for Cloud and CSPM practices to:
- Monitor misconfigurations
- Track compliance posture
+Collaborate with platform teams on:
- Kubernetes and container security (if applicable)
- Secure baseline definitions
Compliance, ISO & Audit Ownership
+Own and operate ISO 27001 security controls from an operational standpoint.
+Maintain:
- Risk assessments and treatment plans
- Policies, procedures, and evidence
+Act as security focal point for:
- Penetration test findings
- ISO audits
- Client security audits and questionnaires
+Ensure continuous compliance, not audit-only readiness.
Reporting, Metrics & Continuous Improvement
+Define and report SOC KPIs, such as:
- Incident trends
- Compliance status
- MTTD / MTTR
- Vulnerability exposure
+Build executive-level security dashboards using:
- Sentinel / Splunk
- Grafana
+Drive SOC maturity roadmap, automation, and tool optimization.
Job Requirements
Experience
5+ years in Cybersecurity / Information Security
1-2+ years leading SOC or Security Operations teams
Proven hands-on experience with Microsoft or any Cloud / On-Premises security ecosystem
Strong experience in IT / Managed Services environments
Technical Expertise
SIEM: Microsoft Sentinel and/or Splunk
Vulnerability management & scanning tools
Microsoft Intune (MDM/MAM, compliance policies)
Monitoring & observability: Grafana, Prometheus
Microsoft Defender Suite (Endpoint, Identity, Cloud, O365)
Secure SDLC tooling: SonarQube
Strong understanding of:
Hybrid infrastructure security
Cloud security (Azure-first)
Endpoint & identity threats
Compliance & Governance
Strong hands-on experience with ISO 27001
Experience handling:
Client security assurance
Audit evidence
Control implementation
Soft Skills
Excellent communication with engineering, management, and clients
Strong operational leadership and decision-making
Ability to handle high-pressure incident scenarios
Process-driven, audit-aware mindset
Preferred Certifications
CISSP / CISM / CISA
ISO 27001 Lead Implementer or Auditor
Microsoft Security certifications (SC-200, SC-300, SC-100)
Cloud security certifications (Azure preferred)
Benefits
Join a global team and work directly with many talents around the world.
Annual salary review.
13 months’ salary per year.
Working & growing with a passionate, young, and talented team.
Premium Health Insurance TECHVIFY Care.
Salary range: 30 000 000 VND - 60 000 000 VND
Sponsorship and encouragement for staff to take courses, with tuition fees covered, on platforms such as Udemy and Coursera.
Last updated: 2026-01-29 14:00:04

TECHVIFY SOFTWARE., JSC








