Search by job, company or skills

orient software development corp.

Security Expert

orient software development corp.
Ho Chi Minh, Vietnam
5-7 Years
Save
new job description bg glownew job description bg glow
  • Posted 19 hours ago
  • Be among the first 10 applicants
Early Applicant

Job Description

We are looking for a Security Expert to help design and implement security architecture for a next-generation platform. This role will work closely with software engineers, architects, and product stakeholders to ensure security is embedded into the platform from the ground up.

The ideal candidate has strong expertise in application security, identity and access management, secure API design, and security governance. Candidates with a solid Full-Stack Development background and hands-on experience building secure distributed systems are highly preferred.

What You'll Do

  • Define and implement security architecture and best practices across platform components.
  • Design and enforce secure authentication and authorization mechanisms.
  • Implement Role-Based Access Control (RBAC) models and permission frameworks.
  • Establish and maintain secrets management processes and tooling.
  • Design secure API authentication and authorization strategies using OAuth 2.0 and related standards.
  • Ensure transport security across services and integrations using TLS and modern encryption standards.
  • Design and review audit logging mechanisms, ensuring tamper-evident audit trails for critical activities.
  • Conduct security reviews of platform architecture, APIs, integrations, and system components.
  • Collaborate with engineering teams to identify and mitigate security risks throughout the software development lifecycle.
  • Support security assessments, penetration testing activities, and remediation planning.
  • Provide technical guidance and security recommendations to development teams.

Who We Are Looking For

  • 5+ years of experience in Cybersecurity, Application Security, Platform Security, or related fields.
  • Strong knowledge of:
  • TLS and transport security
  • OAuth 2.0, API authentication, and authorization
  • RBAC design and implementation
  • Secrets management solutions (e.g., HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, etc.)
  • Audit trail design and tamper-evident logging
  • Experience securing cloud-native or distributed systems.
  • Strong understanding of secure software development practices.
  • Ability to perform security reviews and provide actionable recommendations.
  • Strong communication skills and ability to work with cross-functional teams.

Nice to have

  • Experience with threat modeling methodologies such as STRIDE, PASTA, or similar frameworks.
  • Knowledge of SNMPv3 security and Syslog security best practices.
  • Familiarity with security compliance frameworks such as ISO 27001, NIS2, SOC 2, or equivalent.
  • Experience establishing security governance for connectors, integrations, SDKs, or extensible platforms.
  • Experience with security automation, DevSecOps, and CI/CD security controls.
  • Relevant certifications such as CISSP, CSSLP, CCSP, OSCP, or equivalent
  • Strong Full-Stack Development background (Frontend + Backend).
  • Experience building enterprise SaaS, platform products, or integration-heavy systems.
  • Hands-on experience reviewing application code and implementing secure coding practices.
  • Familiarity with modern cloud platforms (AWS, Azure, or GCP).
  • Experience working in startup, MVP, or product-building environments.

We are open to:

  • Full-time employment
  • Part-time employment
  • Independent consultants/contractors

The level of involvement can be tailored based on the candidate's expertise and availability.

What We Offer

  • Attractive and competitive performance-based compensation package.
  • Full gross salary during probation.
  • Generous 13-month salary and dedication bonus.
  • Comprehensive healthcare insurance package and annual health check-ups.
  • Flexible check-in time before 10:00 AM on weekdays.
  • 2-days remote work per week.
  • 12 annual leave days, 5 sick leave days, 11 public holidays as required by Vietnamese Labor Law, plus one extra day off for Christmas.
  • Opportunity to work on global projects, collaborate with international teams, and have business trip to Australia.
  • Daily breakfast, Happy Thursday gatherings to connect with colleagues.
  • Active sport clubs such as badminton, running, football, music clubs.
  • Teambuilding activities, annual company trips, and year end party.
  • Continuous learning opportunities through technical & soft skills training, English classes, and internal communities.
  • Financial assistance for important life events, including marriage, childbirth, and bereavement, ensuring support at every stage of life.

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
Cybersecurity
Employment Type:
Full time

Job ID: 148687355

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Last Updated: 03-06-2026 08:33:44 PM
Homejobs in Ho Chi MinhSecurity Expert