● Receive escalated incidents from Tier 1 Security Analysts.
● Analyze and investigate the root causes of security incidents using advanced security analytics techniques (such as malware analysis and reverse engineering, exploit code, computer forensics, etc.).
● Actively hunt for new threats based on IOCs and zero-day exploit code.
● Propose solutions to remediate and respond to the investigated incidents.
● Produce reports that record the whole process of analyzing, investigating and tracing security incidents.
● Participate in analyzing and developing remediation plans for security incidents, and take part as a team member in handling incidents when they occur.
● Perform periodic security assessment and penetration testing according to the plan or at the request of the SOC manager.
● Plan, script and conduct penetration testing of systems in the following manners: blackbox, whitebox, graybox.
● Stay updated on and analyze new security weaknesses / vulnerabilities, and assess their impact on the organization's systems; take protective measures and monitor their implementation.
● Consult on, evaluate and define security requirements for systems.
● Regularly update research on information security technologies, hacking techniques and high-tech
Educational Qualifications:
Bachelor's degree from a university, majoring in IT.
Relevant Knowledge / Expertise:
Deep knowledge of:
- Malware analysis
- Reverse Engineering
- Threat Hunting
- Computer forensics
Knowledge of information security assessment and testing techniques and methods such as OWASP, NIST, OSSTMM.
Knowledge of types of security vulnerabilities, techniques for finding, analyzing and exploiting weaknesses, hacking techniques, prevention / mitigation measures, and fixing errors.
- In-depth knowledge and experience in information security: FW, IPS, VPN, Endpoint Security, App & DB security, Proxy...
- Strong background in programming.
Time management skills, good problem solving.
Good independent working skills, teamwork.
Ability to work under high pressure.
A good working attitude, having a progressive spirit.
Requires 1-5 years of work experience at companies related to information security analysis, security assessment or penetration testing, preferably with experience working in finance and banking.
Logical thinking, good problem solving.
Careful, honest, objective in work.
Sociable, able to work well with the group.
Ability to work under pressure.
Sense of responsibility, ability to work in groups / organizations, ability to convey and communicate effectively.
Ability to research and learn in order to work effectively.
HỒ THỊ NY NA