Senior Cloud Security Consultant (AWS/Azure/GCP)

Keahlian dan pengalaman yang dibutuhkan

Must have: • At least 4-5 years of relevant working experience • Bachelor's degree in Computer Science, Computer Engineering, or equivalent industry experience • CISA/CISSP/CRISC/CISM or equivalent industry certifications • Excellent command of English and good communication in Vietnamese when working with cross- functional teams • Have proficient and practical knowledge in Security on cloud platforms • Experience with implementation of technology/cyber risk and controls, coordination of activities for audits, and assessing an IT controls environment. • Working experience in software development and application security • Knowledge of industry-standard risk/control frameworks: ITIL, COSO, NIST, PCI-DSS, COBIT, etc. • Familiarity with Agile or other common methodology frameworks • Detail-oriented with the ability to evaluate processes, controls, and issues to determine the risks • Sound technical knowledge in the area of Cybersecurity incl. experience with relevant security standards and frameworks (e.g. ISO 27001:2013, NIST Cybersecurity Framework, etc.) Your skills and experience • To assist in defining security control requirements to be enforced around various IaaS and PaaS services from Azure public Cloud Service Provider for our customer (bank) to consume these services • Develop service designs in alignment with Global Information Security Policies and Standards for consuming IaaS and PaaS Services to implement adequate security • Provide guidance on implementation of service designs confirming to Global Information Security Policies and Standards • Validate the security controls deployed around service designs • Experience in configuring network security controls in Public Cloud environments • Experience in network forensics, incident analysis and management • Deeper knowledge in Information Security domains (IAM, Data Protection, Application & Infrastructure Vulnerability Management, Security Monitoring, Network Security, etc.) • Support internal and external audits • Supporting cloud delivery teams to build security controls delivered as code • Support security architecture and design reviews for cloud hosted solutions • Validate service design implementation • Develop security monitoring use cases for monitoring various security events through on-premise Splunk SIEM solution • Support various RFIs • Work with various security product and SaaS services providers in evaluation of various security solutions to be implemented for cloud environments • Work with internal and external auditors support auditing requirements • Provide thought leadership in supporting cloud security requirements and providing suitable solutions • Have financial technology working experiences (advantages of the previous working in the digital bank) • Have a practical, structural mindset and be a quick learner able to adapt to the changes from a fast-growing organization • Quick learner with an ambitious and results-drive personality Key competencies: • Deep expertise in Azure Cloud Security solutions • Deep understanding of cloud control objectives and controls • Strong experience in implementation of security solutions such as Google Cloud, Azure Cloud and AWS Cloud. • Strong experience in building IaaS and PaaS service designs in alignment with organizational policies and standards and in alignment with Cloud Control Objectives • Strong experience in working collaboratively Cloud Engineering, Operations and Governance and CISO organizations in an Enterprise setup • Integration of IaaS and PaaS security logs for centralized security monitoring using solutions like Splunk SIEM • Working with Cloud Engineering teams to embed security into CI/CD pipelines • Supporting internal and external audits • Working with Cloud Service Providers in • Certifications: CISSP, CCSP, CISM • Critical thinking and problem-solving skills • Decision-making, Communication skills, Influencing and leading • Teamwork, Conflict management, Adaptability Applications without the above required experience will not be considered. *Please ensure: CV submission in good format and max 5 pages of detailed history of work/employment (in the order of latest years on the top)

Mengapa kandidat disarakan untuk posisi ini

A. HR Policies: + Competitive salary.​ + Salary band per level and employees' benefits are reviewed once per year.​ + 13th month salary + Monthly Lunch Allowance: 700,000 VND/ employee​ + Parking: GFT covers monthly Parking fee for employees' motorbikes + Performance Evaluation is once per year, for 2 purposes:​ - Performance Bonus​ - Salary increasement + Working time: - Flexible working hours ​ - Work from home: 2 days/ month​ + Vacation/ Annual Leave: ​ - Maximum 18 day vacation leave/ year (with the ability to carry over 05 days till 31st March of the following year) + 3 days sick leave without medical certificate - Adding one more AL/ year for each 2-year anniversary with maximum 25 days/year  + Welcome Pack: Pen, Notebook, Sporty bag, Drinking bottle, GFT Stickers, ​Webcam cover, GFT T-shirt​ + Employee's equipment: MacBook, Extra screen, Connection hub, Laptop bag. ​ + Health Care: - Private Health insurance: ​including accident, outpatient, in patient, maternity and dental for all permanent employees who pass 2-month Probation. - Optical: Expense claim for Eyewear for VDU – USD$50/year - Annual Health Check up + Trade Union’s Benefits: - Birthday: Greeting card + 500,000 VND​ - Marriage: Greeting card + 500,000 VND​ - Child's birth: Greeting card + 500,000 VND​ - Condolence: Flower​ - In patient: Flower + Talent Retention Policy - Retention bonus: ​ 2 year anniversary = 0.5x Monthly Salary ​ 3 year anniversary = 1x Monthly Salary ​ 5 year anniversary = 2x Monthly Salary​ B. Training & Development: An environment where we encourage learning and progress:​ + Professional Training courses + Personal Development Training courses + Free English Learning Course + Weekly knowledge exchange C. Healthy Lifestyle: + Sports and hobby clubs + Range of healthy snacks, tea, coffee, milk and beer on tap. D. Social: + Company Townhall + Monthly Team lunch + Monthly Team engagement activities + CSR activities + Hackathon + Onsite tour/ training courses at other GFT offices and client's destination overseas