RESPONSIBILITIES
- Receive escalated incidents from Tier 1 Security Analysts.
- Analyze and investigate the root causes of security incidents using advanced security analytics techniques (malware analysis and reverse engineering, exploit code, computer forensics, etc.).
- Actively hunt for new threats based on IOCs and zero-day exploit code.
- Propose solutions to remediate and respond to the investigated incidents.
- Report on and record the whole process of analyzing, investigating and tracing security incidents.
- Participate in analyzing and developing remediation plans for security incidents, and take part in incident handling as a team member when incidents occur.
- Perform periodic security assessments and penetration testing according to the plan or at the request of the SOC manager.
- Plan, script and conduct penetration tests for systems in the following modes: blackbox, whitebox, graybox.
- Keep up to date on and analyze new security weaknesses / vulnerabilities, and assess their impact on the organization's systems; take protective measures and monitor their implementation.
- Consult on, evaluate and define security requirements for systems.
- Regularly update research on information security technologies, hacking techniques and high-tech violation methods.
REQUIREMENTS
1. Educational Qualifications:
- Bachelor's degree from a university, majoring in IT.
2. Relevant Knowledge/ Expertise:
- Deep knowledge of:
– Malware analysis
– Reverse Engineering
– Threat Hunting
– Computer forensics
- Knowledge of information security assessment and testing techniques and methods such as OWASP, NIST, OSSTMM.
- Knowledge of types of security vulnerabilities, techniques for finding, analyzing and exploiting weaknesses, hacking techniques, prevention / mitigation measures, and fixing errors.
- In-depth knowledge and experience in information security: FW, IPS, VPN, Endpoint Security, App & DB security, Proxy…
- Have a strong background in programming.
3. Skills:
- Time management and good problem-solving skills.
- Ability to work well both independently and in a team.
- Ability to work under high pressure.
- A good working attitude and a progressive spirit.
4. Relevant Experiences:
- Requires 1-5 years of work experience at companies related to information security analysis, security assessment or penetration testing, preferably with experience working in finance and banking.
5. Personal Characteristics:
- Logical thinking, good problem solving.
- Respect for discipline.
- Careful, honest and objective at work.
- Sociable, able to work well with the group.
- Ability to work under pressure.
- Sense of responsibility, ability to work in groups/ organizations, ability to convey and communicate effectively.
- Ability to research and learn in order to work effectively.