- Be proactive and capable of independent thinking and self-study; read specialized documents related to SOAR, SIEM, and security solutions comprehensively
- Understand log data (Windows event log, web server log, application log ...) and the event log IDs or signatures that need attention during threat hunting / compromise assessment.
- Understand MITRE ATT&CK tactics or the Cyber Kill Chain
- Understand the general incident response (IR) process and the purpose of the phases in IR (what questions need to be answered, what actions need to be taken, ...)
- Having a programming mindset, being able to use at least one of the programming languages such as JS, Python, Java, ...
- Understanding the checklist used during compromise assessment for a server / PC is an advantage
- Experience in writing log parsers and writing detection rules on a SIEM is an advantage
- Understanding of attack techniques, being able to build simulated phased attacks in the cyber kill chain is an advantage.
- Ability to read and understand English well enough for specialized documents
- Having one of the certificates related to Incident Response, Forensics, or Pentesting is an advantage.
- Ability to work independently, with self-discipline and a proactive attitude at work
- Knowing how to play football or the games Half-Life / CS 1.6 is an advantage.
- Participate in updating and editing content used in different SOAR and SIEM solutions (automation, playbooks, code integration between SIEM - SOAR - Threat Intelligence sources, ...)
- Research SIEM solutions on issues such as integration capabilities, additional log parsers, and adding and optimizing SIEM rules to improve detection capabilities.
- Coordinate with the TI team to update IOCs into the SOC system
- Participate in research and simulation of attack techniques for each kill chain phase (can be coordinated with the Red Team). From there, suggest detection possibilities or optimizations for that attack, and add to the hunting checklist / detection rules.
- Participate in supporting the Blue Team during threat hunting and incident response in cases where support is required.
- Salary: equal pay for equal work.
- Insurance regime according to the provisions of Law plus PTI Insurance for formal employees every year (when signing official labor contracts with the Company).
- 13th month salary, year-end bonus, Tet bonus in accordance with the Company's regulations.
- Salary increases considered twice a year
- Project rewards for outstanding job completion ahead of schedule
- A young and dynamic working environment that always creates the best conditions for each individual to show his or her ability.
- Various activities such as weekly football, quarterly birthday party, company events
- Travel at the beginning of the year, family benefits, medical benefits, vacation, annual team building.
- Clear career planning and development.
- And many other attractive remuneration policies.
ONLY PDF CV ACCEPTED
📮Contact: Ms Van – Human Resources Department
Cell phone: 0988 557 838