![]() |
Hướng dẫn ứng tuyển
Bước 1: Điền vào Mẫu thông tin ứng viên LOTTE Finance, tải mẫu tại đây,
Bước 2: Chọn nút "Nộp đơn" bên trên và làm theo hướng dẫn.
Bước 3: Sau khi hoàn tất bước ứng tuyển, nếu đã ứng tuyển thành công, Bạn sẽ nhận được Thư xác nhận ứng tuyển thành công từ LOTTE Finance. Vui lòng đọc email để nắm các thông tin hướng dẫn tuyển dụng tại LOTTE Finance.
Chúc Bạn Sức khỏe và Thành công.
1. IT Security Engineering & Development
- Support strategic planning and execution of the bank’s information security roadmap.
- Advise on the design and implementation of cross-domain security solutions.
- Lead complex incident response operations and post-incident analysis.
- Conduct cybersecurity research to anticipate threats and inform architecture design.
- Propose strategic and operational plans for secure system development.
- Research and design security solutions covering network, application, endpoint, and data security.
- Develop secure programming standards based on CWE/SANS Top 25, OWASP.
- Perform security risk modeling and source code reviews.
- Assess emerging vulnerabilities and implement proactive defenses.
- Collaborate with monitoring and incident response teams to address attack events.
2. IT Security Implementation
- Develop and execute security assessments for IT projects and systems.
- Conduct vulnerability assessments and penetration testing (Vulnerability Assessment & Penetration Testing) on:
- Web applications, Mobile applications (iOS & Android), API, Winform.
- Server systems (Windows, Linux), databases, network infrastructure, and cloud environments.
- Review and optimize security configurations on servers, network devices, security appliances, and storage systems.
3. IT Security Operations
- Update and manage security vulnerabilities in IT systems, develop and implement remediation plans.
- Maintain and ensure compliance with PCI DSS certification and NHNN security standards.
- Operate and maintain critical security systems such as SIEM, IPS/IDS, DLP, PIM.
- Collaborate with relevant departments to implement security measures such as patch management, antivirus management, and endpoint protection.
4. Vulnerability Management
- Continuously update and monitor security vulnerabilities, malware threats, and risks; analyze and provide recommendations for remediation.
- Conduct regular security assessments (VA, Pentest, ASV, APT, segment test) for operating systems, applications, databases, and networks.
- Manage, monitor, and ensure remediation of all detected security vulnerabilities in IT services.
5. Other Responsibilities
- Support cross-functional tech projects.
- Conduct training and mentoring programs to build internal capabilities.
- Assist in career development planning within the security function.
- Perform other tasks as assigned by management.
Experience: Minimum of 2-5 years of experience in IT security, including security testing for web applications, mobile applications, server systems, and network devices.
Preferred Qualifications: Security certifications such as GPEN, LPT, CEH, OSCP, or equivalent penetration testing certifications.Candidates with CVEs or contributions to cybersecurity projects are highly preferred.
1. Education
- Bachelor's degree in Information Security, Cybersecurity, Cryptography, IT, Telecommunications, Computer Science, or related fields.
Technical Knowledge
- Proficiency in at least one programming language (PHP, Python, C/C++, Java) and understanding of Software - Development Life Cycle (SDLC).
- Strong knowledge of networking, security, server operating systems, Middleware, and databases.
2. Experience in:
- Security testing for Web, API, Mobile, Winform Applications, Network, Infrastructure, and OS.
- Identifying and assessing vulnerabilities in IT systems.
- Security standards such as PCI DSS, OWASP, and cybersecurity attack techniques.
- Reviewing security requirements in BRD and business processes before system development.
3. IT Proficiency
- Proficient in security testing tools, including:
- Information gathering, vulnerability scanning, and security exploitation tools.
4. Skills
- Strong documentation and report writing skills.
- Effective communication and presentation skills.
- Analytical and problem-solving abilities.
- Risk management skills.
Ha Noi
Salary: Negotiable
Ha Noi
Salary: Negotiable