Job Description
Maintain security policies, standards, and operational documentation.
Assist in security audits, compliance checks, and evidence collection (ISO 27001, SOC 2, etc).
Other tasks assigned.
Monitor security events, logs, and alerts.
Implement continuous compliance checks and guardrails (CIS Benchmarks, NIST, ISO).
Understand and build automation processes.
Work with DevOps/Infrastructure teams to patch high- risk findings.
Integrate OWASP Top 10 recommendations throughout the software development lifecycle (SDLC), focusing on secure coding practices and secure design principles.
Improve alert enrichment, triage automation, and response actions.
Work with developers to identify and fix security vulnerabilities in applications.
Monitor IAM policies, privilege escalations, and access anomalies.
Support security configuration, hardening, and continuous compliance.
Conduct security patches and server updates for the system regularly.
Create scripts and internal tools (Python/Bash/PowerShell) to automate security tasks.
Perform root cause analysis and recommend remediation action.
Enforce security best practices for AWS/Azure/GCP environments.
Run regular vulnerability scans and track remediation progress
Develop custom tools to improve detection, investigation, and response efficiency.
Document incidents and improve incident response playbooks.
Evaluate new vulnerabilities and assess business impact.
Support Zero Trust and least- privilege models.
Job Requirement
Have experience with Cloud services (AWS/Microsoft Azure/GCP).
Deep understanding of TCP/IP, routing, VLANs, subnetting, and secure network architecture.
At least 2 years of working experience in the same position.
Strong knowledge of Identity and Access Management (IAM), Role- Based Access Control (RBAC), least- privilege design, and just- in- time (JIT) access implementation.
Good English communication skills.
Have experience with performance optimization and issue troubleshooting.
Strong knowledge of Active Directory.
Have experience with enterprise firewalls (Palo Alto, Fortinet, Cisco ASA, or equivalent).
Strong knowledge of networking, Linux/Windows OS, and common protocols.
Nice to have
Proven experience with Vulnerability Assessments/Penetration Tests.
Have experience with Okta is a plus point.
Have experience with Mobile Device Management (MDM) is a plus point.
Why Join Us
Premium healthcare (PTI).
13th- month salary.
Annual health check- ups.
Yearly company trip.
Attractive salary commensurate with your expected salary and working experience.
Monthly parties.
Company bonus.
Full pay during the probation period.
Employee gifts for special occasions such as celebrations and birthdays.
Quarterly team outing budget.
14 days of annual leave.
Have opportunities to work onsite in Singapore.
The total contribution to social insurance is based on the Net salary.
Company Address
Ho Chi Minh Office:
Unit B1- B3- B4, 16th Floor, International Plaza Building
343, Pham Ngu Lao Street, Ben Thanh Ward (formerly District 1), Ho Chi Minh City
Can Tho Office:
1st Floor, STS Tower, No. 11B, Hoa Binh Avenue, Ninh Kieu Ward, Can Tho City
