Senior IT Security (Pentest - Architecture & Application)

IT Security Implementation
- Develop and execute security assessments for IT projects and systems.
- Conduct vulnerability assessments and penetration testing (Vulnerability Assessment & Penetration Testing) on:
- Server systems (Windows, Linux), databases, network infrastructure, and cloud environments.
- Web applications, Mobile applications (iOS & Android), API, Winform.
- Review and optimize security configurations on servers, network devices, security appliances, and storage systems.
IT Security Operations
- Maintain and ensure compliance with PCI DSS certification and NHNN security standards.
- Operate and maintain critical security systems such as SIEM, IPS/IDS, DLP, PIM.
- Update and manage security vulnerabilities in IT systems, develop and implement remediation plans.
- Collaborate with relevant departments to implement security measures such as patch management, antivirus management, and endpoint protection.
Vulnerability Management
- Manage, monitor, and ensure remediation of all detected security vulnerabilities in IT services.
- Conduct regular security assessments (VA, Pentest, ASV, APT, segment test) for operating systems, applications, databases, and networks.
- Continuously update and monitor security vulnerabilities, malware threats, and risks; analyze and provide recommendations for remediation.

Education
- Bachelor&039;s degree in Information Security, Cybersecurity, Cryptography, IT, Telecommunications, Computer Science, or related fields.

Technical Knowledge
- Proficiency in at least one programming language (PHP, Python, C/C++, Java) and understanding of Software- Development Life Cycle (SDLC).
- Strong knowledge of networking, security, server operating systems, Middleware, and databases.

Experience in
- Identifying and assessing vulnerabilities in IT systems.
- Security standards such as PCI DSS, OWASP, and cybersecurity attack techniques.
- Security testing for Web, API, Mobile, Winform Applications, Network, Infrastructure, and OS.
- Reviewing security requirements in BRD and business processes before system development.

IT Proficiency
- Proficient in security testing tools, including:
- Information gathering, vulnerability scanning, and security exploitation tools.

Skills
- Analytical and problem- solving abilities.
- Effective communication and presentation skills.
- Strong documentation and report writing skills.
- Risk management skills.

Experience:
Minimum of 2 years of experience in IT security, including security testing for web applications, mobile applications, server systems, and network devices.
Preferred Qualifications: Security certifications such as GPEN, LPT, CEH, OSCP, or equivalent penetration testing certifications.Candidates with CVEs or contributions to cybersecurity projects are highly preferred.

Chế độ bảo hiểm, Phụ cấp, Đồng phục, Chế độ thưởng, Chăm sóc sức khỏe, Đào tạo, Tăng lương, Công tác phí, Phụ cấp thâm niên, Nghỉ phép năm

Cập nhật gần nhất lúc: 2026-01-13 19:10:03