Job Description
We are looking for an experienced Vulnerability Manager to lead our efforts in identifying, assessing, and mitigating security vulnerabilities in various software products. The ideal candidate will have a deep understanding of application security, risk assessment, and mitigation strategies, along with a proven track record of driving security initiatives within complex software environments.
Key Responsibilities
- Threat Analysis: Analyze and prioritize identified vulnerabilities based on potential impact and exploitability, and provide actionable recommendations to development teams for remediation.
- Mitigation Planning: Collaborate with cross-functional teams to develop and implement effective mitigation strategies, including providing guidance on secure coding practices and architectural improvements.
- Risk Management: Assess security risks associated with vulnerabilities and track them through resolution. Provide clear risk communication to technical and non-technical stakeholders.
- Compliance and Standards: Stay up-to-date with industry security standards, regulations, and best practices. Ensure that our software products adhere to relevant security standards.
- Incident Response: Contribute to the development and enhancement of incident response plans and processes, ensuring timely and effective responses to security incidents.
- Vulnerability Assessment: Conduct regular and comprehensive vulnerability assessments on our platforms and software applications to identify potential security weaknesses and threats.
- Reporting: Generate regular reports for executive leadership, summarizing the security posture of our software applications, ongoing vulnerability management efforts, and progress toward resolution.
Requirements
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
- Proven experience (2+ years) in vulnerability management, application security, and secure coding practices, preferably in the fintech industry.
- Solid understanding of common application vulnerabilities (OWASP Top Ten), as well as security standards and frameworks (ISO 27001, NIST, etc.).
- Experience with security assessment tools, penetration testing techniques, and vulnerability scanning tools.
- Familiarity with secure software development lifecycle (SDLC) principles.
- Professional certifications such as CISSP, CISM, CEH, or related certifications are a plus.
- Strong communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical teams.
- Proven ability to manage multiple projects, prioritize tasks, and meet deadlines.
Preferred Qualifications
- Knowledge of container-based environments (Kubernetes).
- Knowledge of cloud-based platforms (AWS, Azure, GCP).
- Fundamental knowledge on DLT (Distributed Ledger Technology) is highly desirable.
- Relevant certifications (e.g., SANS, CISSP, etc.) is a plus
Benefits
- Attractive compensation package: 14-month salary scheme plus annual bonus and additional allowances
- Annual bonus package tailored based on performance and contribution
- Young, open, and dynamic working environment that promotes innovation and creativity
- Ongoing learning and development with regular professional training and opportunities to enhance both technical and soft skills
- Exposure to cutting-edge technologies and diverse real-world enterprise projects
- Vibrant company culture with regular team-building activities, sports tournaments, arts events, Family Day, and more
- Full compliance with Vietnamese labor laws, plus additional internal perks such as annual company trips, special holidays, and other corporate benefits
How To Apply
Please send your application via email: [Confidential Information]
2+ years of experience
- By submitting your application to [HIDDEN TEXT], you acknowledge that you have read, understood, and agreed to CMC Global's REGULATIONS ON THE PROTECTION OF CANDIDATES PERSONAL INFORMATION.
- Years of Experience Required
- Required Education Level
Bachelor's Degree
Manager
Full-time
