We're looking for a proactive and experienced Security Engineering Analyst to join our dynamic team in Ho Chi Minh City, Vietnam. In this role, you'll be instrumental in safeguarding our systems, applications, and data against evolving cyber threats. You'll work at the forefront of security, blending strategic oversight with hands-on technical expertise to ensure our infrastructure remains robust and compliant.
about the job
- Proactively monitor emerging threats, vulnerabilities, and attack trends, anticipating and mitigating risks across the product roadmap.
- Act as a technical bridge between security and development teams, ensuring effective communication, guidance, and secure coding practices throughout the SDLC.
- Analyze and validate security alerts, investigate anomalous behavior and data inconsistencies, and collaborate with developers for mitigation.
- Lead or support code reviews, vulnerability assessments, and penetration testing in coordination with internal Red Teams and security vendors.
- Secure cloud environments (primarily Azure, evaluating potential shift to GCP) including both containerized and monolithic deployments.
- Ensure the security of web applications with a focus on REST-based interactions, front-end UX security, and end-to-end encryption.
- Support and improve the management of virtual machines (VMs) and related infrastructure from a security perspective.
- Conduct security audits, data impact assessments, and contribute to compliance with SOC 2, ISO 27001, FedRAMP, NIST 800-53, CJIS, WCAG, etc.
- Develop and maintain security KPIs and a technical risk/gap list, driving continuous improvement of security controls.
- Collaborate with incident response teams to develop and refine processes for incident detection, escalation, and resolution.
- Drive secure design and implementation of AI/machine learning integrations into hybrid cloud systems.
- Use tools such as SIEM platforms, dynamic scanners, and testing platforms to monitor and validate application and infrastructure security.
- Work with internal systems and documentation platforms including Jira, Confluence, ServiceNow, TestRail, OTRS, and metric/reporting tools like Nessus and Google Sheets.
skills and experience required
Hands-on experience with security tools such as SIEM platforms (e.g., Splunk, Sentinel) and dynamic scanning tools. Familiarity with programming languages such as C#/.NET and JavaScript is preferred.
Experience analyzing system logs, data flows, and alerts for accurate risk assessment and remediation. Understanding of cloud platforms, primarily Azure; experience with GCP or openness to cloud migration is a plus.
Familiar with incident management, monitoring, and infrastructure-level troubleshooting.
Whats and offer
The permanent opportunity for a Security Engineering Analyst, will pay a salary range of usd 1.5k – usd 2k plus benefits. This opportunity offers hybrid working arrangement.
To apply online please use the 'apply' function, alternatively you can reach me at
https://www.linkedin.com/in/Oliviatoh-032330132/. (EA: 94C3609 / R22109942)