Search by job, company or skills

vinsmart future

Security Engineer

Save
  • Posted 17 hours ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Company Description

VinSmart Future (VSF) is the leading technology company within the Vingroup Corporation, formed by the merger of the group's entire technology ecosystem, including VinApp, VinIT, VinBigdata, and other tech units. As a core driver of Vingroup's future growth, VSF is at the forefront of technological development, with artificial intelligence (AI) as its foundation. With a talented team of nearly 4,000 local and international technology experts, VSF focuses on creating high-utility technologies that enhance lives and connect data, models, and infrastructure to unlock new possibilities.

Job Description

Direct Collaboration with DevOps in Security Remediation

  • Work closely with DevOps Engineers to perform root cause analysis for each security finding, determine the scope of impact, and develop appropriate remediation plans for different environments.
  • Directly implement technical changes, including modifications to IAM policies, Security Groups, bucket policies, network ACLs, Kubernetes RBAC, and Terraform modules.
  • Track and validate remediation results in both staging and production environments; prepare closure reports with sufficient technical evidence.
  • Support the review and hardening of Dockerfiles, GitLab CI/CD pipelines, and Jenkins Shared Libraries related to cloud workload security, including secret management, image signing, and least-privilege execution.

Periodic Multi-Cloud Security Assessment

  • Conduct cloud security assessments based on CIS Benchmarks and each cloud provider's best practices, including AWS Well-Architected Security Pillar, GCP Security Foundations, and Huawei Cloud Security White Paper.
  • Review IAM configurations, including analysis of over-permission, cross-account trust relationships, service account key exposure, and privilege escalation paths.

DevSecOps Automation and Integration

  • Develop and maintain preventive controls as code, including AWS Service Control Policies (SCP), GCP Organization Policies, and Huawei Config Rules.
  • Build automated detective controls such as OPA/Rego policies, AWS Config custom rules, and Security Command Center custom modules to detect deviations from security baselines as soon as they occur.
  • Build and maintain cloud security dashboards and establish alert thresholds for CSPM findings, GuardDuty, Security Hub, and Security Command Center.

Incident Response and Threat Detection

  • Investigate security findings generated by detection tools such as AWS GuardDuty and GCP Security Command Center.
  • Participate in incident response activities related to cloud infrastructure security incidents, including log analysis, lateral movement tracing, blast radius assessment, and containment coordination.

Governance and Documentation

  • Develop and maintain cloud security architecture documentation, incident response runbooks, and secure configuration guidelines for cloud services.
  • Participate in threat modeling activities for new systems or major architectural changes, especially projects involving managed cloud services, serverless technologies, or container platforms.
  • Prepare periodic cloud security posture reports for the Security Engineering Lead and relevant stakeholders; monitor trends and recommend improvements

Requirements

Required Experience & Skills

  • At least 2 years of hands-on experience as a Cloud Security Engineer, Cloud Engineer, or DevOps Engineer with a strong focus on security.
  • Hands-on experience with AWS and GCP.
  • Strong understanding of the IAM model of at least one cloud provider, including roles, policies, trust relationships, STS (AWS), Workload Identity (GCP), and Service Accounts.
  • Ability to read, review, and modify Terraform code, including resource dependencies, module structures, and state management.
  • Solid understanding of Kubernetes security, including RBAC, NetworkPolicy, Admission Controllers, Pod Security Standards, and secret management solutions (External Secrets, Vault Agent).
  • Experience with at least one CSPM tool, such as AWS Security Hub, GCP Security Command Center, or third-party solutions including Wiz, Orca, Lacework, or Prisma Cloud.

Preferred Qualifications

  • Experience writing OPA/Rego policies or AWS Config custom rules in production environments.
  • Experience in cloud penetration testing, including AWS privilege escalation, GCP lateral movement, and metadata service exploitation.
  • Relevant industry certifications such as AWS Certified Security – Specialty, Google Professional Cloud Security Engineer, CCSP, or equivalent certifications.

Benefits

Flexible working hours and attendance policy (Work from Home on working Saturdays).

  • Attractive compensation and bonus packages, highly competitive in the market.
  • Exclusive employee benefits across the Group's ecosystem in accordance with company policies.
  • Opportunity to work on large-scale and strategic technology projects.
  • Professional technology environment with leading scientists, experts, and engineers from top technology companies in Vietnam and around the world.
  • Free access to learning platforms such as Udemy, Coursera, and O'Reilly; internal workshops; sponsorship for professional certifications; and exclusive mentoring programs from the Group and Company leadership team.
  • Full statutory insurance coverage in accordance with Vietnamese Labor Law (Social Insurance, Health Insurance, Unemployment Insurance), along with private healthcare insurance based on job grade and annual health check-ups at reputable hospitals and healthcare centers nationwide.
  • Participation in internal activities, team-building programs, and annual company events.

Location:

Hanoi: TechnoPark Tower, Vinhomes Oceanpark, Gia Lam.

HCMC: Vincom Dong Khoi

Contact: Ms. Huyền Zalo/Call: 0963 957 235

Mail: [Confidential Information]

More Info

Job Type:
Industry:
Function:
Employment Type:

About Company

Job ID: 150599867

Similar Jobs

Ho Chi Minh, Vietnam

Skills:

Vulnerability ManagementIncident ResponseDevSecOpsIso 27001GcpLinuxKubernetesAWSitgcSoxSecurity MonitoringCloud Infrastructure Security

Ho Chi Minh, Vietnam

Skills:

DASTGraphqlNode.jsKotlinIosAndroidRESTBurp SuiteDockerKubernetesPythonAWSMobSFSCAFridaSAST

Ho Chi Minh, Vietnam

Skills:

threat modeling Security ControlsIncident ResponseApi TestingIamDASTVulnerability ManagementSASTRAG pipelinesprompt testingAI ML systemsagentic AI architecturessecure architectureAI SBOMSecurity AssessmentsAI supply chain risksadversarial testingLLM applicationsabuse-case testingMCP tool integrations

Vietnam, Ho Chi Minh

Skills:

application security assessments KaliAmazon AwsPenetration TestingBurp SuiteDevopsRuby On RailsWindowsMetasploitLinuxAgile SDLCOpen Web Application Security

Ho Chi Minh, Vietnam

Skills:

cloud securityTerraformHMSinfrastructure-as-code