Blue Team Tier 2 & 3

  • Location: 51 Le Dai Hanh Street, Hai Ba Trung District, Hanoi
  • Salary: based on capability and experience by agreement
  • Number of vacancies: Unlimited
  • CV Submission Deadline: 01 June 2021


- Understand log data (Windows event log, web server log, ...) and the event log IDs or signatures to pay attention to during threat hunting and monitoring.

- Understand checklists in Compromise Assessment (Threat hunting) for server / PC.

- Understand MITRE ATT&CK tactics or the cyber kill chain.

- Understand the general incident response (IR) process and the purpose of each IR phase (what questions need to be answered, what actions need to be taken, ...).

- Understand attack techniques such as web attacks and Kerberos attacks (Golden / Silver ticket, Pass-the-ticket, Pass-the-hash, ...), and the techniques and tools used in each stage of the cyber kill chain. Understand the signs needed to confirm the problem.

- Experience querying / searching events in one of the SIEMs such as Splunk, RSA NetWitness, IBM QRadar, ... is an advantage.

- Ability to read and understand English well enough for specialized documents. Holding one of the certificates related to incident response or forensics is an advantage.

- Ability to work independently, with self-discipline and a proactive attitude at work.

- Knowing how to play football or the games Half-Life / CS 1.6 is an advantage.



- Support commenting on and evaluating alerts from SIEM / SOAR.

- Participate in incident response according to the process (playbook) for each specific incident. Investigate, trace the flow of attacks, identify C&Cs, and come up with appropriate plans for each stage of the security incident response process.

- Perform threat hunting to detect abnormal behavior through SIEM systems as well as through direct forensics on devices running different operating systems.

- Support the Purple team in adding and editing content such as SIEM rules, playbooks, ...



- Salary: equal pay for equal work.

- Insurance in accordance with the provisions of the law, plus PTI Insurance every year for formal employees (upon signing an official labor contract with the Company).

- 13th month salary, year-end bonus, Tet bonus in accordance with the Company's regulations. 

- Salary increase considered twice a year.

- Project rewards for outstanding job completion ahead of schedule.

- Young and dynamic working environment that always creates the best conditions for each individual to show his or her ability.

- Various activities such as weekly football, quarterly birthday parties, and company events.

- Travel at the beginning of the year, family benefits, medical benefits, vacation, annual team building. 

- Clear career planning and development. 

- And many other attractive remuneration policies.



📮 Contact: Ms Van – Human Resources Department
Cell phone: 0988 557 838
Skype: Vando22810