Job Overview And Responsibility

We are looking for an experienced Security Red Team Expert for the IT Security Department, with solid and comprehensive experience in threat hunting, vulnerability assessments, and penetration testing in the banking, securities, and trading sectors. The successful candidate would work in HCMC. Roles and Responsibilities: - Lead threat hunting and compromise assessments to proactively identify vulnerabilities across banking, securities, and trading systems. - Simulate real-world attacks, both internal and external, to detect and exploit weaknesses in cloud infrastructure, on-premise systems, and application layers. - Perform thorough investigations of security breaches, leveraging advanced cloud security forensics, ensuring timely incident detection, response, and resolution. - Collaborate with internal teams on incidents, ensuring adherence to regulatory standards like PCI DSS, ISO 27001, and NIST CSF. - Lead incident response planning, focusing on continuously improving detection and response capabilities for both cloud-based (AWS, GCP) and on-prem environments. - Provide specialized security training to technical teams, fostering a proactive security culture across the organization. - Direct red team exercises, supporting advanced penetration testing and vulnerability assessments, simulating adversarial attacks to improve overall security posture. - Ensure the cloud and on-prem infrastructure align with the highest security standards, conducting rigorous assessments and validations of security configurations. - Participate in architecture reviews to integrate secure-by-design principles, including microservices, container security, and infrastructure security. - Provide hardening and secure deployment guidance for cloud services from providers like AWS and Google GCP, applying cutting-edge cloud security techniques. - Support developing, monitoring, and continuously improving security policies, procedures, and standards, ensuring alignment with industry best practices and evolving threat landscapes. - Work closely with Application Security teams to integrate security testing into CI/CD pipelines and automate threat detection processes. - Collaborate with tech development and security operations teams to ensure effective incident response and secure implementation of new projects.

Required Skills and Experience

- Bachelor's degree in computer science, engineering, or a related field. - 5+ years of experience in security roles, specializing in red teaming, threat hunting, or compromise assessments. - Extensive experience with cloud security forensics, penetration testing, and incident investigation. - Good knowledge of industry security standards (NIST CSF 2.0, PCI DSS 4.0, ISO 27001:2022) and their application in financial services. - Proficiency in tools used for vulnerability scanning, network penetration testing, and cloud forensics (AWS, GCP, Azure environments). - Hands-on experience performing offensive security engagements, including social engineering, red teaming, and vulnerability exploitation. - Ability to travel when required to support regional business needs.

Why Candidate should apply this position

Preferred skills and experiences