Information Security Specialist – Application Security Engineer - Hà Nội


Nơi làm việc:

Hà Nội 


CNTT/ Viễn thông, Dịch vụ an ninh, Kiểm soát chất lượng, Quản lý điều hành, Tài chánh/Ngân hàng


2.500 USD / tháng

Mức thưởng:


Hình thức làm việc:

Toàn thời gian

ID công việc:


Ngày hết hạn:


Các loại thưởng khác:

Thưởng theo KPIs và dự án

Mô tả công việc:

• Identify, highlight and remediate information security risk in the Bank
• Comply with the Bank’s Information Security Policy, Regulations, Standards, and Process
• Provide feedback to enhance the current policies, regulations, standards and processes where necessary
• Communicate and ensure all staff understands and comply with the Information Security Policy, Regulations, Standards and Processes
• Help the organization evolve its application security functions and services
• Responsible for upholding code reviews across all code platforms
• Take charge of bug intake and remediation process for the organization
• Provide leadership for application vulnerability scanning and penetration testing remediation
• Manage integration with vulnerability check tools such as Static Code Analysis and Dynamic Code Analysis tools
• Discover security exposures and develop mitigation plans, and also report and fix the technical debt
• Provide support to the Information Security Manager on all application security activities
• Represent the organization in Information Security programs
• Actively participate in security initiatives with minimum supervision
• Function as a subject matter expert for security solutions within the organization’s platform
• Provide guidance to junior-level security engineers
• Responsible for troubleshooting production issues and performance bottlenecks
• Follow security best practices in performing tasks
• Work closely with cross-functional teams (Engineering, DevOps, DevSecOpsProduct) while carrying out daily tasks
• Contribute to requirement gathering with product teams
• Work together with cross Business Unit teams on executing standardized security solutions and integrations
• Partake in inner sourcing initiatives within the organization
• Provide the appropriate guidance and advisory in the area of Application Security and DevSecOps
• Be able to contribute to the Bank in terms of documentation, transfer of ideas and implementing the plans in the area of Application Security and DevSecOps

Yêu cầu công việc:

1. Educational Qualifications
• Bachelor's or Technical Degree Required (IT, Cryptography, computer science, information systems, business administration or other industry-related curriculum)
• Has appropriate subject matter expertise in their area of information security specialization
• CISSP/GIAC Certifications is preferred

2. Relevant Knowledge/ Expertise
• 8+ years of Information Security, Application Security, Programming, DevOps, Cloud, Computer Science, Data Analytics, or related
• Excellent verbal and written skills with an ability to present technical specifications and solutions.
• Ability to manage working on multiple initiatives in a fast paced agile environment.
• Strong knowledge of secure code development practices.
• Experience working with PHP, Java, Python and JavaScript.
• Strong application development background designing and building robust and scaleable applications with Python or similar languages.
• Experience working in a DevOps environment with an automation first mindset.
• Experience using Jenkins as a CI (Continous Integration) and CD (Continous Deployment) tool.
• Experience using Harness as a CD (Continuous Deployment) tool
• Ability to design and build full stack solutions with Python and React or Vue.js.
• Strong knowledge working with container platforms such as Kubernetes and/or Openshift.
• Experience with SAST (static application security testing), DAST (dynamic application security testing) and IAST (interactive application security testing) tooling.
• Strong knowledge of OWASP practices
• Knowledge of authentication protocols such as OAuth, OpenID Connect, SAML and PKI.

3. Skills
• Have ability to read and understand the professional documents in English.
• Strong interpersonal and communication skill
• Be able to catch up and manage works quickly and effectively
• Be able to work independently with high pressure, good in teamwork
• Careful, responsible, and secure in protecting information/data belong to Bank
• Good knowledge of risk management principles, methodology and practice
• Preferred Fluent in English

4. Relevant Experience
• Stakeholder expectation management
• People Management
• Risk Management
• Budget Management

• Competitive salary
• 13th month bonus, Performance bonus, holiday & training
• Education benefits: The bank training institute will monthly send a list of courses for employees to choose their suitable course. Therefore, you can self-registration due to your job requirements
• Insurance: Insurance under labor law + private insurance for individuals. Premium employees are entitled to insurance for their relatives
• Able to have annual travel allowance
• Get monthly phone allowance and gasoline allowance
• Have opportunity to participate in many great events
• Working under energetic, friendly environment and good chances to develop your career

Quyền lợi:

Thu nhập hấp dẫn, lương thưởng cạnh tranh theo năng lực


Thưởng các Ngày lễ, Tết (theo chính sách ngân hàng từng thời kỳ)


Được vay ưu đãi theo chính sách ngân hàng từng thời kỳ



Thông tin công ty

Ngân hàng TMCP Việt Nam Thịnh Vượng VPBank
89 Láng Hạ, Quận Đống Đa, Hà Nội, Hà Nội
Hồ sơ công ty