Công Nghệ An Ninh Không Gian Mạng Việt Nam

Tóm tắt công việc
We're seeking key members who have had a proven track record of running critical shared application platforms in a production cloud environment. This role is responsible for ensuring NAB Group's cyber threat controls are appropriate, capable, optimally configured, consistent across all NAB Group entities, and gaps are identified and remediated through operational and investment activities. Also, responsibility for developing threat activity reporting and insights.
At NAB, we believe success comes from our people. We're committed to supporting your talent and skills through your career, as you help us build a culture that affects change for our customers and for the community too.
YOUR RESPONSIBILITIES
This role is responsible for ensuring NAB Group's cyber threat controls are appropriate, capable, optimally configured, consistent across all NAB Group entities, and gaps are identified and remediated through operational and investment activities. Also, responsible for developing threat activity reporting and insights:
Develop and maintain the threat and countermeasures framework, including attack surfaces, attack vectors, attack paths, TTP mapping, mitigating controls and countermeasures, control capability, and mitigation metrics
Identify, implement and report on mitigation strategies for tracked Adversaries and tradecraft.
Ensure a defensible architecture by influencing and driving key stakeholders, including Senior Management, Strategy & Architecture, Support Teams, Third Parties and Vendors
Stay abreast of industry best practices and emerging threats to ensure defensive capabilities are optimal
Produce reporting on countermeasure effectiveness, ineffectiveness, and ROI
Perform deep dive investigations into potential high risk exposure areas
Periodically review countermeasure detailed configuration to ensure optimal defensive posture
Actively drive improvement in countermeasures to prevent successful attack and exploitation
Work with Cyber Response, Red Team and Threat Detection teams to automate adversary simulation and test countermeasure effectiveness
Provide regular reporting on key operational and delivery measures
Influence and drive maturity improvements in the NIST IDENTIFY, PROTECT and DETECT domains
Other related activities as required by Cyber Security Leadership3-5 years of experience working in an Application Security, consulting or related role
A unique combination of engineering acumen, CTI and Offensive Security experience and a Cyber Defense mindset.
Extensive experience in CTI/SOC in large complex enterprise environments
Proven experience in consulting roles
Appropriate tertiary or industry qualifications in cyber security
Excellent leadership, communication, stakeholder management and influencing skills
Expertise in intelligence, SOC/IR, Threat/Risk analysis, Penetration testing/ Red Team is preferred.
Extensive experience in software, tools and cloud engineering (AWS, Azure, GCP and common modern backend/scripting development frameworks/languages such as Python and NodeJS)
Familiarity with common security and threat frameworks such as NIST CSF, NIST SPs, CKC, MITRE ATT&CK)