Chuyên gia Bảo mật ANTT_Expert IT Security _ HN_TA165

• Vulnerability assessment and penetration testing program and responsible for the design and performance of application security robustness tests.
• Join to IT projects, implement security by design &  to ensure security and reduce project risks
• Research/implementation/control design and deploy of technical solutions, security standards and control measures to ensure safety / risk mitigation for IT services application
• Deliver the annual penetration testing schedule and conducting awareness campaigns to ensure proper budgeting by business lines for annual tests
• Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems, wired and wireless networks, and mobile applications/devices
• Automate penetration and other security testing on networks, systems and applications
• Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation
• Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators
• Trial attacks & incident response
• Research/develop new security standards/technique guidle and apply to bank
• Operate security technologies, control security changes/ensuring the safety of information technology systems
• Participation with key technicque in security projects, security solutions requires a very high of expertise skill 
• Develop/implement/trainning/apply security by design framework to Bank
• Security controls end to end for projects/CR make sure new services & system is safe before golive
• Supporting Vendor Security activities to ensure 3rd‐party software and development meets Bank security standards.

Educational Qualifications

• Bachelor's or Technical Degree Required (IT, Cryptography, computer science, information systems, business administration or other industry-related curriculum)

 Relevant Knowledge/ Expertise

• 3 years or more of working experience in IT security banking, good knowledge international IT security standards (ISO 270001, PCI-DSS,…), ITIL
• Have good knowledge about: network security, system security, application security and virus/malwares, secure coding
• Have good kownleged with architect, security technology, integration
• Have good knowledge with pen test with OWSAP Standard and ability discovery & exploit vulnerabilities, cyber attack
• Good using some tools for hacking:  VA, APPScan, Metaexploit, kalilinux
• Experienced in implementing ISO27000/PCI-DSS is preferred
• Have good knowledge with secure coding with some languages: Python, Shell, PHP and have good knowledge with encryption, cryptography techniques

Skills set

• Have ability to read and understand the professional documents in English.          
• Strong interpersonal and communication skill
• Be able to catch up and manage works quickly and effectively
• Be able to work independently with high pressure, good in teamwork
• Careful, responsible, and secure in protecting information/data belong to Bank
• Good knowledge of risk management principles, methodology and practice        
• Preferred Fluent in English

Relevant Experience

• Stakeholder expectation management 
• People Management 
• Risk Management 
• Budget Management 

Các năng lực liên quan khác

• Strong Logical Thinker and Planner
• Management, Leading ability
• Implementation and Deliver ability 

Benefits & Perks

• Competitive salary and bonus package​
• Staff loan with special interest rates​
• Traing courses based on the job, Training framework/Learning RoadMap for each position​
• Insurance in accordance with Labor laws + VPBank Care insurance for all employees. (insurance covered for family members for entitled employees);​
• Annual leave (varied based on job grade)​
• Travel allowance​
• A dynamic and friendly working environment, full of great opportunities to develop your career and abundant interesting activities to join (Sports competitions, talent contests, teambuilding…)