Senior Security Operations Engineer

**Top 3 reasons to join us**:

- Social Work-Life Balance That Works for You
- Attractive salary & benefit, 25 days annual leave
- Premium health insurance for employee & family

**Job description**:
Are you passionate about cybersecurity and ready to take a hands-on role in advanced security operations? As a Senior Security Operations Engineer, you’ll play a pivotal role in operating and refining our Security Operations Center (SOC), with a specific focus on incident response, threat hunting, and penetration testing.

You will be part of our Security Operations team, responsible for monitoring, analyzing, and responding to security incidents across our infrastructure. This role goes beyond production security—it encompasses securing our internal systems and processes through continuous operations, incident handling, and proactive security assessments. We’re looking for someone with both practical and theoretical knowledge in IT security, capable of not only enforcing policies but also continuously improving our security posture through incident analysis and pentesting feedback to meet evolving security challenges.

**What you’ll be doing**:

- Optimizing our SOC with our Google Secops **SIEM and SOAR** (Google Chronicle**)**
- Monitoring, analyzing, and escalating security alerts from our **SIEM (**Wazuh & Chronicle** )**
- Executing** pentests and vulnerability scans**on our internal platforms
- Driving the creation of **SIEM dashboards** and enhancing monitoring and alerting capabilities
- Managing and mitigating **CVE’s** on our virtualised platforms and container base images
- Assisting with the implementation of security measures for both external and internal systems
- Use **static code scanning** processes to identify and remediate vulnerabilities early in the development lifecycle
- Enforcing & evolving our **Security Command Center**configuration
- Joining efforts in **automated security scanning** for continuous monitoring of code and infrastructure security
- Participating in the **on-call security response rotation** to handle critical security incidents

**Your skills and experience**:
**Requirements**:

- Hands-on experience with **SIEM** solutions
- Strong knowledge of **CVE**vulnerability mitigation on VM’s
- Solid understanding of **cloud security** (GCP and/or AWS)
- Strong command of **English** (both written and spoken)
- Ability to collaborate effectively with cross-functional teams
- Experience with **Linux** systems (RedHat/CentOS)
- Know how to use **Jira** for project management
- Knowledge of **container security** (Docker)
- Experience in **Pentesting**

** Nice To Have**:

- Experience with **OSSECC**, **Wazuh**, **Tenable.io**, **Burpsuite, Google Secops or SCCE**
- Familiarity with **Opsgenie** or **Prometheus**
- Experience with **patch management** solutions such as** Satellite**
- DevSecOps knowledge
- A keen focus on real-world security issues and the ability to differentiate between buzz and practical security

** Soft skills**:

- Excellent **communication**-skills to work constructive and in cooperation with internal and external teams
- Be assertive, **knowledgeable**and trustworthy
- High degree of **responsibility**and **autonomy**

**Why you'll love working here**:

- Flexible working hours, off on Saturday and Sunday. Annual holidays leave will be following Vietnam law and as company regulations.
- 25 days of annual leave
- Competitive remuneration package
- 13th salary
- Social insurance, health insurance, and unemployment insurance will be under Labor Law.
- Generous private medical health insurance for employees & family members
- Dynamic, young & international environment
- Team building activities & outing
- Brand new & state-of-art Agile office
- Opportunity for traveling & training in Europe

As a member of the Aurify team, you'll have the unique opportunity to work on projects that integrate state-of-the-art technologies with a customer-centric approach. You'll be at the forefront of implementing practices that ensure cost management and security compliance, all within a framework that values simplicity and smart solutions, echoing the mission of Unifiedpost. Join us in our journey to navigate the complexities of the cloud landscape together, providing peace of mind and empowering businesses to focus on their core activities with the assurance of performance, high availability and security excellence.