Công Ty Tnhh Endava tuyển dụng Cyber Security Engineer

We are looking for a Cyber Security Engineer to join our team and contribute to the continued success and growth. As a Cyber Security Engineer, you will be responsible for ensuring the security and integrity of our computer systems and networks.

Your responsibilities include but not limited to the following:

• Security Monitoring and Incident Analysis: Robustly monitor cyber security events, triage alerts effectively and identify intrusion attempts. Requires working knowledge of cyber security practices, threat and vulnerability management.
• Incident Remediation: Collaborate with remediation teams to orchestrate incident mitigation. Requires advanced skills in incident management within a large-scale environment.
• Threat Hunting and Vulnerability Assessment: Proactively seek vulnerabilities and assess the associated risks. Requires proficiency in threat hunting, vulnerability risk assessment, and understanding of diverse operating systems and cloud environments.
• Security Tools Enhancement: Identify improvement opportunities for security tools and reduce false positives. Requires expertise in security tools.
• Playbook Optimization and Creation: Enhance current playbooks and develop new ones to address evolving threats. Requires ability in developing alert triage playbooks.
• Security Consultancy: Offer expertise to other teams and help resolve issues. Requires excellent English communication skills and ability to provide professional security consultancy.
• Research and Development: Conduct research into emerging threats and develop new capabilities. Requires skills in conducting research and developing countermeasures.
• Penetration Testing and Security Audit: Perform tests and audit cloud infrastructures for misconfigurations. Requires advanced experience in penetration testing and auditing.
• Cyber Security Investigation: Investigate incidents and perform forensic analysis. Requires skills in investigating incidents, reverse-engineering, and testing vulnerabilities.
• Threat Intelligence and Reporting: Conduct long-term retrospective analysis and provide recommendations. Requires proficiency in conducting analysis, researching threats, writing reports, and making recommendations.
• Other Security Tasks: Carry out other security-related tasks as assigned. Requires high-level analytical, lateral thinking and problem-solving skills.
• On-Call Duties: Participate in on-call rotation during weekends daytime to ensure 24/7 incident response capabilities. Requires ability to effectively respond to after-hours incidents.

• Finance: Competitive salary package, annual leave encashment, 13th month salary, referral bonus;
• Career Development: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
• Learning Opportunities: Complex projects, rotations, internal tech communities, training, coaching, online learning platforms subscriptions, English programme, certifications, pass-it-on sessions, workshops, conferences;
• Work-Life Balance: Hybrid work and flexible working hours, employee assistance programme;
• Health: Global internal wellbeing programme, access to wellbeing apps, premium health check, extra insurance;
• Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations;
• Other: Trade Union benefits, Welcome package and gift-giving frequency.

• Have at least 3 years of relevant experience in Cyber Security domain.
• Proficiency in security tools such as Proofpoint, ELK, CrowdStrike, Armis, Sumo Logic, Splunk, and Sentinel, etc.
• Working knowledge of cyber security practices, threat and vulnerability management.
• Advanced skills in incident management within a large-scale environment.
• Proficiency in threat hunting, vulnerability risk assessment, and understanding of diverse operating systems and cloud environments.
• Expertise in security tools.
• Ability to develop alert triage playbooks.
• Excellent English communication skills and ability to provide professional security consultancy.
• Skills in conducting research and developing countermeasures.
• Advanced experience in penetration testing and auditing.
• Skills in investigating incidents, reverse-engineering, and testing vulnerabilities.
• Proficiency in conducting analysis, researching threats, writing reports, and making recommendations.
• High-level analytical, lateral thinking and problem-solving skills.
• Ability to effectively respond to after-hours incidents.
• Programming skills are a nice-to-have qualification.