JOB DESCRIPTION
We are seeking to expand our Cyber Security capabilities and are looking for an experienced Cyber Defense Center (CDC) Subject Matter Expert (SME) with expertise in SIEM, threat detection engineering, incident response, and data loss prevention. The ideal candidate will have a comprehensive understanding of various cybersecurity domains and will play a critical role in enhancing our cybersecurity posture. This role requires hands-on experience in detecting and responding to security threats, configuring detection tools, and collaborating with cross-functional teams to prevent cyber incidents.
We are looking for the mix of following skills and experience:
SIEM:
- Manage and configure SIEM to collect, analyze, and visualize security data.
- Design and implement SIEM searches, alerts, and dashboards to detect suspicious activities and improve threat visibility.
- Work with IT and security teams to integrate SIEM with other security tools and platforms.
Threat Detection Engineering:
- Develop, tune, and optimize threat detection mechanisms to identify potential threats in real-time.
- Design custom detection rules, signatures, and use cases for various attack techniques and indicators of compromise (IoCs).
- Perform ongoing monitoring and analysis of threat trends, utilizing threat intelligence to enhance detection strategies.
Incident Response:
- Lead incident response efforts by identifying, investigating, and responding to security incidents.
- Perform root cause analysis and implement corrective actions to prevent future occurrences.
- Work closely with IT and business teams to communicate the impact of security incidents and coordinate recovery efforts.
Data Loss Prevention (DLP):
- Implement and manage DLP solutions to monitor and prevent unauthorized access to sensitive data.
- Develop and enforce DLP policies, ensuring compliance with industry standards and regulations.
- Investigate DLP alerts and coordinate with teams to resolve data leakage incidents.
Cybersecurity Expertise Across Domains:
- Provide guidance and expertise across multiple cybersecurity domains such as networksecurity, application security, identity and access management, and cloud security.
- Stay updated on the latest security trends, vulnerabilities, and regulatory requirements.
- Participate in risk assessments, security audits, and compliance activities.
Collaboration and Mentorship:
- Collaborate with other cybersecurity and IT teams to ensure integrated security defensesacross the organization.
- Provide mentorship and training to junior staff members, fostering a culture of continuous learning and improvement within the cybersecurity team.
Threat Hunting:
- Proactively search for and identify cyber threats and malicious activities that evadetraditional detection methods.
- Analyze security data and intelligence to uncover advanced persistent threats (APTs)and unknown threat patterns.
- Develop and execute threat hunting playbooks and techniques using advanced tools and methodologies.
- Collaborate with security analysts and engineers to strengthen detection and prevention strategies based on threat-hunting insights.
REQUIREMENTS
- Education: Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent work experience).
- Experience: hands-on experience in cybersecurity roles, with a focus on SIEM, threatdetection engineering, incident response, and DLP.
- Hands on: Fundamental understanding how security tools work instead of knowingwhich button to push.
Certifications (not necessary, but nice to have):
- GIAC Certified Incident Handler (GCIH)
- Splunk Certified Architect
Required Skills:
- General understanding of at least one SIEM architecture, queries, dashboarding, andalerting.
- Knowledge of threat detection techniques, SIEM solutions, and security operations.
- Hands-on experience with incident response, root cause analysis, and forensic investigations.
- Familiarity with DLP techniques for preventing data breaches.
- Excellent problem-solving skills, with the ability to make decisions under pressure during incidents.
- Strong communication skills to effectively collaborate with technical and non-technical stakeholders.
Preferred Skills:
- Knowledge of cloud security (AWS, Azure, GCP).
- Familiarity with automation and scripting (e.g., Python, PowerShell).
- Understanding link between vulnerability management, penetration testing, and red teaming.
BENEFITS
- Package: 14 salary months + Project bonus (If any) + Extra package: 16M/year + Allowances shift working
- Young and dynamic working environment.
- Continuous development of hard and soft skills through work and professional trainings.
- Opportunity to approach newest technology trends
- Exciting leisure: sport and art events (football club, family day…)
- Company’s labor policy completely pursuant to Vietnamese labor legislation plus other benefits offered by the company (Company trip, Holiday, etc.)
HOW TO APPLY
Please send your application via email: [email protected]
*By submitting your application to [email protected], you acknowledge that you have read, understood, and agreed to CMC Global’s REGULATIONS ON THE PROTECTION OF CANDIDATES’ PERSONAL INFORMATION.
-
Years of Experience Required
2+ years of experience
-
Required Education Level
Bachelor’s Degree
-
Job Level
Middle/Senior
-
Work Form
Full-time
-
Email: [email protected]