Assistant Manager, Security Operations, Technology VN

Key Responsibilities

• Maintain and tune Security Information and Event Management (SIEM) platforms, ensuring reliable log ingestion, correlation rules and alerting.
• Develop and manage Security Orchestration, Automation and Response (SOAR) playbooks to detect vulnerabilities, threats and automate remediation steps.
• Continuously monitor for intrusions, anomalous behavior and emerging threats—investigate and triage alerts in real time.
• Write and maintain detection scripts/rules (e.g. for log analysis, network traffic anomalies, endpoint indicators).
• Lead incident response activities: collect forensic data, analyze attack vectors, document breach impact and coordinate containment.
• Liaise with IT operations teams to ensure rapid mitigation of threats and tracking remediation within SLA.
• Produce regular management reports on security posture, incident trends, compliance status and key risk indicators.
• Collaborate with related stakeholders/partners to close cyber security risk identified during monitoring.
• Cooperate with Tech Risk to conduct cyber drill exercise

 

Job Specification

• Bachelor’s degree in Computer Science, Cybersecurity, Network Engineering or related technical field.
• 3+ years in a SecOps, SOC Analyst or similar role—experience in a banking or financial-services environment preferred.
• Prior experience in threat hunter is expected.
• Certifications such as CEH, GCIH, or Splunk/QRadar/Sentinel administrator certifications are a plus.

Technical & Functional Skills

• Proficient with SIEM platforms (e.g. Splunk, QRadar, Azure Sentinel) and SOAR tools (e.g. Palo Alto Cortex XSOAR, Demisto).
• Solid scripting ability (Python, PowerShell, Bash) to automate data collection, parsing and response workflows.
• Strong understanding of attack techniques, threat-hunting methodologies and incident-response frameworks (e.g. MITRE ATT&CK).
• Hands-on experience with endpoint detection & response (EDR), network IDS/IPS, and log management.

Personal skills

• Fast, analytical thinker with excellent troubleshooting skills.
• Strong sense of urgency and ownership when it comes to threat mitigation.
• Have collaborative, team works to work closely with others functions and external partners.
• Clear communicator, able to explain technical incidents in understandable summary for executive audiences.

 

With operations that span 15 different markets across the region, the opportunity to expand your experience, test your capabilities, and exhibit your resilience is ample.  #teamCIMB  is always keen to welcome the ones who are ready to make that very special difference – for themselves and the bank.