Quyền lợi được hưởng
Work in Agile teams, enjoy good teamwork, and a professional environment.
Possibility to develop your career within an international company.
We are a global company, with many offices and projects all over the world (opportunity to travel to other countries where there are Pentalog offices).
Professional roadmap, offered support, and onboard training.
Free technical learning courses, foreign language courses (English, French).
Enjoy interesting activities: Coding challenges, PentaBar, Hackathon etc.
100% of the salary is paid during the probation period.
Attractive salary and bonuses.
Social insurance payment is based on the full salary, allowing you to keep your full benefits.
A premium healthcare package (Bao Viet 24/7 health insurance package + an annual health check-up).
Flexible working hours, no fingerprint timekeeping.
Working days: 5 days/week: from Monday to Friday (We don't encourage overtime work!).
Paid annual leave: 26 days (11 holidays +15 vacation days).
Company equipment: devices and subscriptions used for work (Laptop, Case, Smartphone etc.).
Enjoy bonding activities like team building, summer holidays, Christmas parties, Happy hour, etc.
Mô tả công việc
Ensure the security of Pentalog's clients (applications and infrastructure).
Identify the security needs of clients and put in place security roadmap (Be the technical driver for the security activities).
Put in place/take part in the implementation of the necessary security controls, in accordance with the client's needs and the security operational activities.
Develop and maintain various security-related tools, automation, and integrations on client mission.
Work with our external teams to ensure consistent delivery of service.
Continuously tune and improve
documentation of policies and procedures.
Yêu cầu công việc
Proven knowledge of the information systems security;
Knowledge of the necessary steps to secure an information system/ environment;
Knowledge about well-known security best practices (OWASP methodologies, SANS, NIST, CIS Benchmarks, etc.)
Good knowledge and experience in different areas of computer security:
Security norms (GDPR, ISO27001)
Encryption concepts
Threat modeling/ risk assessments
Vulnerability management
Security hardening
Knowledge about SSDL (Secure Software Development Lifecycle) practices;
Experience in using and configuring various security tools: SAST, DAST, Antivirus, vulnerability management tools etc.;
A creative mentality in recognizing various security needs;
Ability to clearly communicate proposed improvements to various stakeholders;
Experience in documenting technical concepts, proposing procedures and following established policies;
Experience analyzing pentest reports, doing vulnerability assessments;
Basic experience in securing AWS cloud environments and their products;
Knowledge about networking and infrastructure concepts;
Good verbal
communication skill and English language skills.