2 320 Incident Response jobs in Vietnam

• Lead and manage the response to cybersecurity incidents.
• Conduct in-depth forensic investigations on affected systems.
• Analyze malware, network traffic, and system logs to identify root causes.
• Develop and execute incident response playbooks and procedures.
• Monitor security systems for potential threats and anomalies.
• Provide timely and accurate technical reports to stakeholders.
• Collaborate with internal teams to implement remediation measures.
• Stay current with emerging threats and vulnerabilities.
• Contribute to security awareness training and best practices.

• Bachelor's degree in Computer Science, Cybersecurity, or a related field.
• 5-7 years of experience in cybersecurity, with a focus on incident response.
• Proven experience with SIEM, EDR, and other security tools.
• Strong understanding of incident response methodologies and digital forensics.
• Excellent analytical, problem-solving, and communication skills.
• Relevant certifications (CISSP, GCIH, GIAC) are a plus.
• Ability to work under pressure and manage crisis situations effectively.

• Monitoring security alerts and logs from various security tools (SIEM, IDS/IPS, EDR) to detect and analyze potential security threats.
• Conducting threat intelligence research to identify emerging threats, vulnerabilities, and attack vectors relevant to the organization.
• Leading and coordinating the incident response process, including containment, eradication, and recovery actions for security breaches.
• Performing forensic analysis of security incidents to determine root causes and gather evidence.
• Developing and refining incident response playbooks and procedures.
• Collaborating with IT and development teams to implement security controls and remediate vulnerabilities.
• Conducting vulnerability assessments and penetration testing.
• Creating regular reports on security posture, threat landscape, and incident metrics for management.
• Staying current with the latest cybersecurity threats, technologies, and best practices.
• Contributing to security awareness training for employees.
• Recommending security enhancements and strategic improvements to the overall security program.
• Participating in on-call rotation for security incidents.

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Minimum of 5 years of progressive experience in information security, with a focus on threat intelligence and incident response.
• Strong understanding of cybersecurity principles, network security, operating system security, and common attack vectors.
• Hands-on experience with SIEM tools, EDR solutions, IDS/IPS, and other security technologies.
• Proficiency in conducting forensic investigations and malware analysis.
• Excellent analytical, problem-solving, and critical-thinking skills.
• Strong communication and interpersonal skills, with the ability to explain complex technical issues clearly.
• Relevant certifications such as CISSP, CEH, GCIH, or GIAC are highly desirable.
• Ability to work effectively under pressure during security incidents.
• Experience in a regulated industry (e.g., finance) is a plus.

• Manage, configure, and optimize SIEM solutions (e.g., Splunk, QRadar, ArcSight) to ensure effective log collection, correlation, and alerting.
• Develop and maintain SIEM use cases, dashboards, and reports to detect and visualize security threats.
• Lead and coordinate incident response activities, including investigation, containment, eradication, and recovery.
• Analyze security alerts and events to identify potential security breaches and malicious activities.
• Perform forensic analysis of security incidents to determine root cause and impact.
• Develop and update incident response playbooks and procedures.
• Identify security vulnerabilities and recommend remediation actions.
• Collaborate with threat intelligence teams to integrate threat feeds into SIEM and IR processes.
• Conduct security monitoring and analysis of network traffic and system logs.
• Provide technical guidance and mentorship to junior security analysts.
• Stay current with the latest security threats, vulnerabilities, and technologies.
• Participate in security awareness training and initiatives.

• Monitor security systems and analyze security alerts for potential threats.
• Investigate and respond to cybersecurity incidents in a timely and effective manner.
• Develop and maintain the organization's threat intelligence program.
• Identify and analyze emerging cyber threats, vulnerabilities, and attack vectors.
• Develop and execute incident response plans and playbooks.
• Conduct forensic analysis of compromised systems and networks.
• Implement remediation and recovery actions to minimize security impact.
• Provide technical guidance and support to junior security analysts.
• Collaborate with IT and development teams to enhance security controls.
• Document security incidents, investigations, and resolutions thoroughly.
• Stay up-to-date with the latest cybersecurity trends, tools, and best practices.

• Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Minimum of 5 years of experience in cybersecurity, with a focus on threat intelligence and incident response.
• Proven experience with SIEM platforms (e.g., Splunk, QRadar, LogRhythm) and EDR solutions.
• Strong understanding of network protocols, operating systems, and common attack frameworks (e.g., MITRE ATT&CK).
• Experience with digital forensics tools and techniques.
• Familiarity with cloud security concepts (AWS, Azure, GCP).
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong written and verbal communication skills, with the ability to explain technical concepts to diverse audiences.
• Ability to work independently and manage priorities effectively in a fully remote environment.
• Relevant cybersecurity certifications (CISSP, GCIH, GCFA, CEH) are highly preferred.
• Experience in scripting or programming languages (e.g., Python, PowerShell) for security automation is a plus.

• Develop and execute comprehensive threat intelligence programs, including proactive monitoring and analysis of threat actor tactics, techniques, and procedures (TTPs).
• Lead and manage incident response activities, ensuring rapid and effective containment, eradication, and recovery from security breaches.
• Conduct in-depth forensic investigations of security incidents to determine root causes and recommend preventative measures.
• Utilize and manage a variety of security tools, including SIEM, EDR, IDS/IPS, and threat intelligence platforms.
• Develop and maintain incident response playbooks and standard operating procedures.
• Provide expert guidance and mentorship to junior security analysts.
• Collaborate with internal stakeholders, including IT, legal, and executive leadership, to communicate security risks and incident status.
• Stay current with the latest cybersecurity threats, vulnerabilities, and mitigation techniques.
• Design and implement security awareness training programs for employees.
• Contribute to the continuous improvement of the organization's overall security posture.

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master's degree preferred.
• Minimum of 8 years of experience in cybersecurity, with a strong focus on threat intelligence and incident response.
• Proven experience leading security incident response teams and managing complex security events.
• Deep understanding of various attack vectors, malware analysis, and forensic techniques.
• Hands-on experience with SIEM platforms (e.g., Splunk, QRadar), EDR solutions, and network security monitoring tools.
• Familiarity with threat intelligence frameworks (e.g., MITRE ATT&CK) and data sources.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong leadership, communication, and interpersonal skills, with the ability to effectively convey technical information to non-technical audiences.
• Relevant cybersecurity certifications such as CISSP, GCIH, GCFA, or OSCP are highly desirable.
• Ability to thrive in a remote, fast-paced, and dynamic environment.

Job overview and responsibility

● Working Time: Monday - Friday, 8:00 AM - 5:30 PM (Flexible depending on each project)

● About the project: In this role, you will be responsible for assessing the security posture of third- party vendors to protect our organization/customers. You will work across a multi-tiered assessment program, using your analytical and communication skills to identify and document potential risks.

Vendor Risk Assessment:

• Conduct tiered assessments of vendors, ranging from a basic analysis to more complex evaluations (most of the focus will be on Tier 3 and Tier 2) - see below:

• Analyze vendor reports and publicly available information to identify security red flags and potential vulnerabilities.

• Review vendor-provided documentation, including Privacy Impact Assessments.

Documentation and Reporting:

• Summarize assessment findings and create comprehensive risk summaries in the customer-approved format(s).

• Ensure all documentation is accurate, well-structured, and free of grammatical or spelling errors.

• Maintain effective written communication with internal teams. Vendor communication will be handled by the customer. Customer will interact with the Vendor(s):

• Distribute and collect required documents, methodologies, and other materials to the customer so that the customer can communicate with vendors for assessment purposes.

Compliance and Security Oversight:

• Adhere strictly to Customer's security protocols, ensuring no data is extracted or exfiltrated without explicit approval.

• Identify and report on inappropriate security activities within other customer business units.

Required skills and experiences

- Proven background in cybersecurity/it auditor, specifically in vendor risk management or third-party risk assessments (at least 3 years of experience)

• Strong analytical skills with the ability to review complex information and identify security risks.

• Excellent written communication skills, with a high level of proficiency in English.

• High attention to detail and a commitment to maintaining strict confidentiality.

• Can be able to conduct overlap with our client in US time for 30 minutes/day.

• Perform security assessments and audits of blockchain networks, smart contracts, and dApps.
• Identify and analyze security vulnerabilities, including common exploits and emerging threats.
• Conduct penetration testing and code reviews to ensure the security of blockchain applications.
• Develop and implement security best practices and incident response plans.
• Monitor blockchain networks for suspicious activities and potential security breaches.
• Collaborate with development teams to integrate security measures into the development lifecycle.
• Stay up-to-date with the latest trends and advancements in blockchain technology and cybersecurity.
• Prepare detailed security reports and present findings to management and technical teams.

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• Proven experience in blockchain security, cybersecurity, or penetration testing.
• Strong understanding of blockchain technology, cryptocurrencies, and smart contract development (e.g., Solidity).
• Knowledge of common cryptographic algorithms and their applications.
• Familiarity with security auditing tools and methodologies.
• Excellent analytical and problem-solving skills.
• Ability to work independently and as part of a team in a fast-paced environment.
• Strong communication and reporting skills.