1. Job Responsibilities

Security Monitoring & Operations

• Continuously monitor systems through IDS/IPS, SIEM, and other security tools.

• Detect and respond to security incidents: malware, brute force attacks, DDoS, phishing, web attacks, and transaction anomalies.

• Manage, configure, and upgrade security and network devices, including NGFW firewalls, VPN, switches, and anti-DDoS systems.

• Monitor security for trading systems (OMS/Trading Core), partner API connections, online trading platforms, and mobile applications.

Risk Assessment & Control

• Conduct security risk assessments for new systems and IT projects.

• Coordinate with external vendors to perform penetration testing and vulnerability assessments.

• Track, analyze, and remediate vulnerabilities (CVE, Zero-day).

• Review and assess cloud infrastructure security.

Regulatory Compliance & Audit

• Ensure compliance with regulations, including Circular 13/2022/TT-BTC and requirements from SSC, Stock Exchanges, and VSD.

• Maintain alignment with standards such as ISO 27001 and SOC 2.

• Develop and update Information Security (IS) procedures: access management, risk management, incident response, backup, and disaster recovery.

Access & Privilege Management

• Manage system access rights across the domain, CRM, email, databases, and trading systems.

• Perform periodic access reviews and user attestation.

• Implement and manage MFA and privileged account management (PAM).

Incident Response

• Execute incident response procedures and conduct root cause analysis (RCA).

• Report incidents to SSC/HOSE/VSD when trading activities are affected.

Security Awareness

• Conduct internal security awareness training on anti-phishing, email safety, and risk identification.

2. Requirements

Technical skills:

• Strong knowledge of Cybersecurity, IT Risk Management, and Internal Controls.

• Proficient with core security tools: Firewall, IDS/IPS, WAF, SIEM, DLP/DDP, VPN.

• Good understanding of Web/App Security (OWASP Top 10) and API Security.

• Experience with Linux/Windows servers, database security (Oracle/MS SQL/PostgreSQL), and networking (TCP/IP, routing, VLAN…).

• Understanding of securities system architecture (OMS, trading core, clearing & settlement).

• Penetration testing experience is an advantage.

Preferred Certifications: CEH/OSCP/Security+/CySA+.

Languages: Good at English.

Soft skills: Analytical thinking, fast incident response, good documentation skills, and effective communication.