Key Responsibilities
- Maintain and tune Security Information and Event Management (SIEM) platforms, ensuring reliable log ingestion, correlation rules and alerting.
- Develop and manage Security Orchestration, Automation and Response (SOAR) playbooks to detect vulnerabilities and threats and to automate remediation steps.
- Continuously monitor for intrusions, anomalous behavior and emerging threats—investigate and triage alerts in real time.
- Write and maintain detection scripts/rules (e.g. for log analysis, network traffic anomalies, endpoint indicators).
- Lead incident response activities: collect forensic data, analyze attack vectors, document breach impact and coordinate containment.
- Liaise with IT operations teams to ensure rapid mitigation of threats and track remediation within SLA.
- Produce regular management reports on security posture, incident trends, compliance status and key risk indicators.
- Collaborate with related stakeholders/partners to close cyber security risks identified during monitoring. Cooperate with Tech Risk to conduct cyber drill exercises.
Job Specification
- Bachelor’s degree in Computer Science, Cybersecurity, Network Engineering or related technical field.
- 3+ years in a SecOps, SOC Analyst or similar role—experience in a banking or financial-services environment preferred.
- Prior experience as a threat hunter is expected.
- Certifications such as CEH, GCIH, or Splunk/QRadar/Sentinel administrator certifications are a plus.
Technical & Functional Skills
- Proficient with SIEM platforms (e.g. Splunk, QRadar, Azure Sentinel) and SOAR tools (e.g. Palo Alto Cortex XSOAR, Demisto).
- Solid scripting ability (Python, PowerShell, Bash) to automate data collection, parsing and response workflows.
- Strong understanding of attack techniques, threat-hunting methodologies and incident-response frameworks (e.g. MITRE ATT&CK).
- Hands-on experience with endpoint detection & response (EDR), network IDS/IPS, and log management.
Personal skills
- Fast, analytical thinker with excellent troubleshooting skills.
- Strong sense of urgency and ownership when it comes to threat mitigation.
- Collaborative team player, able to work closely with other functions and external partners.
- Clear communicator, able to explain technical incidents in an understandable summary for executive audiences.