CYBERSECURITY TECHNICAL LEAD
We are looking to hire cyber security with an analytical mind and a detailed understanding of cybersecurity methodologies. You are expected to have meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure, and deliver on tight deadlines.
To ensure success, you must display an excellent understanding of technology infrastructures using Firewalls, VPN, Data Loss Prevention IDS/IPS, Web-Proxy, PAM, Network Access Control, and Security Audits. You must be comfortable working with a variety of technologies, security problems, and troubleshooting of the network.
As Cybersecurity Technical Lead, you will be responsible for:
- Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization’s data, systems, and networks.
- Troubleshooting cybersecurity problems.
- Responding to all system and/or network security breaches.
- Ensuring that the organization’s data and infrastructure are protected by enabling the appropriate security controls.
- Participating in the change management process.
- Identifying network and system vulnerabilities.
- Daily administrative tasks, reporting, and communication with the relevant departments in the organization.
- Evaluating the organization’s security needs and establishing best practices and standards accordingly.
- Provide appropriate security architecture, information security model, and protection measures for each part and the whole system.
- Procedures, guidelines, security rules/configuration template for infrastructure security operation.
- Administration the security system, and enforce access control in compliance with policies, procedures, regulations, and instructions within the operational scope of the department.
- Successfully deploying security solutions and technologies to ensure security for the company.
- Participate in projects to ensure information security for the system to be built.
- Successfully apply security processes and solutions to the project/system to ensure the security of the system/service before going into operation.
- Provide solutions to ensure information security in applications, infrastructure, and data.
- Update and evaluate vulnerabilities in the system to provide mitigation requirements and solutions and put in place appropriate protection measures.
- Working with external security partners ( Security Service Providers).
Identity and access management:
- Building a role-based access matrix / Privileged account management.
EXPERIENCE & SKILLS REQUIREMENTS:
- 3+ years of IT and relevant security experience.
- Experience with Firewalls (functionality and maintenance), Office 365 Security, and Endpoint Security.
- Familiar with Linux and Windows capabilities and network protocol (firewall, VPN, intrusion prevention system, etc).
- Experience with Network Access Control, and Privilege Access Management is a plus.
- Knowledge in Python, C++, Java, Ruby, Node, Go, and/or Power Shell.
- Ability to work under pressure in a fast-paced environment.
- Strong attention to detail with an analytical mind and outstanding problem-solving skills.
- Great awareness of cybersecurity trends and hacking techniques.
- Have an advanced level of written and verbal communication skills in Vietnamese, and good communication skills in English.
- EQ Soft skills to engage with vendors, hospitals, and clinics.
- Ability to work with multiple sites to prioritize and resolve inquiries.
- Experience in healthcare and especially working with Hospitals is an advantage.
- Having relevant knowledge or experience in security standards, frameworks, and best practices: ISO 27001, PCI DSS, CIS 20, NIST CSF, TOGAF, COBIT, ITIL, etc.
- A degree in computer science, IT, systems engineering, or related qualification.
- Refer: Have at least 01 of the following certificates (or equivalent): Security+, CEH, CCNP, MSCE, CySA+.