Senior Security Engineer

The Senior Information Security Engineer is responsible for deploying, monitoring, and ensuring the safety and security of the Company’s IT systems and networks. This role participates in assessing, detecting, and handling information security risks and incidents; and also provides guidance, training, and knowledge sharing to improve security capabilities and ensure systems operate safely, stably, and continuously.

Job Description

• Deploy information security projects and implementation plans on devices, systems, and connections between systems across the Company’s entire network.

• Monitor, train, and handle information security incidents across the whole network.

  • Perform monitoring, risk assessment, support, and thorough incident response.

  • Guide, train, and share experience in handling operational information security issues.

• Conduct periodic information security compliance assessments against regulations and security policies on declared devices, systems, and network connections.

• Perform security assessments of systems; detect vulnerabilities and risks on devices, systems, and network connections, and coordinate with related units to remediate them.

• Update and maintain the database of system security configurations and identified risks.

• Perform other tasks as assigned by direct managers or higher-level management.

Requirements

• Bachelor’s degree or higher in IT, Telecommunications/Electronics, or related fields; at least 2 years of experience in a similar position.

• Solid understanding of IM, GNOC, and SIRC processes; strong knowledge of information security for systems, network devices, firewalls, and telecom equipment.

• Knowledge of vulnerabilities and attack techniques; experience in auditing, penetration testing, and vulnerability remediation.

• English proficiency equivalent to TOEIC 550 or above.

Preferred Qualifications

• Experience implementing information security under Agile and DevSecOps models; familiarity with Jira and Jenkins.

• Experience in web/system penetration testing; proficient with tools such as Nessus, Burp Suite, and OWASP ZAP.

• Experience deploying and operating SIEM systems (Splunk, ELK), Secure SDLC; good understanding of OWASP Top 10 and CIS Benchmarks.