Security Manager

KMS Technology | Posted 10-06-2021

Thành phố Hồ Chí Minh (An ninh mạng)


Company Description


Established in 2009, KMS Technology is a U.S.-based engineering and services company with development centers in Vietnam. KMS Technology is trusted by international clients for the superior quality of products and expertise of Vietnamese engineers.

KMS builds and successfully launches its own software companies through its internal startup incubator, KMS Labs. Most notable companies include QASymphony, Kobiton, Katalon, and Grove. Under the brand, KMS Solutions, the company serves the Asia Pacific region, offering technology solution consulting and bringing the most advanced and latest technologies to the Asian market.

KMS is committed to making a long-lasting social impact by partnering with non-profit organizations that give disadvantaged students fair and better employment opportunities. The company regularly cooperates with universities, participates in IT training activities and specialized events, and sponsors scholarship programs in Vietnam. The company has received many prestigious industry awards, and has been named one of the greatest places to work in Vietnam, Asia, and the U.S. for many years in a row.


Job Description
  • Lead, manage and develop the cyber security operations team.
  • Identify, track and investigate high priority threat campaigns and malicious actors.
  • Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
  • Work effectively with interested parties and others to address security requirements, any potential concerns.
  • Incident responding and handling follows the Company incident management process, investigating the incident, collecting logs and coming up with incident reports to interested parties.
  • Collaborate and partner with IT and business stakeholders, and remediation teams, to respond to security incidents and control remediation
  • Proactively monitor, analyze and provide guidance on security vulnerabilities and incidents to support remediation activities
  • Research and provide guidance on Zero-day vulnerabilities, emerging threats intelligence to foresee the potential impact may happen to systems and Company reputation.
  • Evaluate the impact to the organization of current security trends, advisories, internal and external threats.
  • Monitor, maintain and improve the data protection, network security and endpoint security strategies, ensure the security controls are effective and efficient.
  • Manage and develop a multi-vendor / consultant network as well as leverage existing cybersecurity solutions to ensure appropriate solutions are in place.
  • Conduct security awareness campaigns such as phishing, security workshop, seminar to raise employee awareness.
  • Assist in optimizing cyber security framework by implementing Policies, Standards, and Processes and following the industrial standards: ISO 27001, SOC2, HIPAA compliance.
  • Perform other duties as assigned

Qualifications


Knowledge and skills:

  • 8+ years of experience in Information and Cyber Security Management, Security Operations on various on-premises and cloud-based platforms: Google Cloud, AWS, MS Azure with one or more the following domains:
    • Cyber Defense & Offensive
    • Threat detection & response
    • Security Engineering
    • Security Orchestration & Automation
    • Endpoint protection
    • Identity & Access Management
    • Ethical hacking skills
  • Knowledge at Penetrating Testing, Red Teaming, Threat Hunting will be an advantage.
  • Familiar with cybersecurity technologies and tools such as: Next-gen firewall, Nessus, N-IDS/H-IDS, Cloud infrastructure, SIEM, Kali Linux tools set, IoT, etc.
  • Familiar with cyber security threat hunting: OSINT, Shodan, Censys, Spiderfoot, etc.
  • Having knowledge and experience ISO 27001, SOC2, GDPR, CSA (Cloud), HIPAA, PCI-DSS is an advantage.
  • Experience in managing people, setting objectives and OKRs.
  • Demonstrate ability to work independently and as part of a team to achieve team goals.
  • Demonstrate strong organizational skills, including time management and ability to prioritize and manage a range of tasks pro-actively.
  • Demonstrate good logical thinking and problem-solving skills.
  • Ability to communicate effectively across all levels of the organization.
  • Good at English in communication skills including oral and written

Education/Training Preferred:

  • Bachelor’s degree in Computer Science related field or equivalent work experience.
  • Security certificate: CEH, OSCP, OSCE, GIAC or other equivalent or higher certificates is an advantage.
  • IT certificate: MCSE, LPI, CCNA, CCNP is also a plus.

Additional Information


Why You'll Love Working Here:

  • Working in one of the Best Places to Work in Vietnam
  • Working & Developing with Passionate & Talented Team
  • Attractive Salary and Benefits
  • 13th month salary
  • 100% full salary in probation period
  • Full salary-based insurance (Social; Health and Unemployment) according to Vietnam Labor Law
  • 19 leaves per year (12 annual leaves, 6 personal leaves, Christmas leave and not including public holidays)
  • Flexible environment and working time
  • Premium health care insurance for you and your loved ones
  • Company trip in every summer, big annual year-end party every year, team building, etc.
  • Fitness & sports activities: football, tennis, table-tennis, badminton, yoga, swimming…
  • Joining community development activities: 1% Pledge, charity every quarter, blood donation, public seminars, career orientation talks,…
  • Free in-house entertainment facilities (foosball, ping pong, gym…), coffee (latte, cappuccino, espresso), tea, fruit and snack (instant noodles, cookies, candies…)
  • Internal training and clear career development road-map
  • A dynamic working environment that focuses on individual growth as much as team growth

And much more, join us and let yourself explore other fantastic things!