Jobs · itviec

C

Blue Team Engineer Security Python Siem Edr Ids Ips Con Cung 0151

Keystone AI · Quận 1, Hồ Chí Minh · Posted today

onsite🇻🇳 Vietnam
Apply on itviec

About the role

Top 3 Reasons To Join Us The Job Introduction Con Cung is the biggest omni-channel company for mom & baby with 600 retail stores in Vietnam in 2021 and plan to have 1,000 stores by 2023 with 1 billion USD revenue. Con Cung's annual growth rate is more than 70%. With the vision of providing good quality products for children, Con Cung is strongly investing into Product Research and Development in order to manufacture and provide products that are suitable to the local market in terms of pricing and quality. We also invest into technology in order to manage the network and online channel efficiently. Con Cung Corporation also develops in-house cutting-edge automation and intelligence technologies. We are seeking for young, smart & dynamic talents to grow your career together with us. Job Description The company is seeking its first Blue Team Engineer to design, build, and operate its Security Operations capability. This role will be responsible for implementing monitoring, detection, and response processes while laying the foundation for a future SOC team and for enhancing the security capability of the platform. The engineer will be both hands-on and strategic, combining deep technical expertise with the ability to shape security operations and guide future hires. Key Responsibilities 1. SOC Development & Operations Support the design, implementation, and day-to-day operation of the company’s SOC capabilities (SIEM, EDR, log management, network security (IDS/IPS), monitoring pipelines, SOAR). Develop and maintain detection rules, alert logic, and security monitoring use cases. Integration of AI solutions into the SOC system. 2. Threat Detection, Response & DFIR Monitor and investigate security events, conduct root cause analysis, and participate in containment and remediation activities. Contribute to the development of DFIR processes, playbooks, escalation paths, and evidence-handling procedures. Engage in proactive threat hunting aligned with MITRE ATT&CK and threat intelligence feeds. 3. Security Operations Support Contribute to vulnerability management, patch management, and secure configuration management initiatives. Support privileged access management (PAM) implementation and monitoring. Participate in business continuity and disaster recovery planning, including testing and improvement of response processes. Provide input into threat intelligence collection, analysis, and operational integration. 4. Continuous Improvement & Collaboration Assist in tabletop exercises, simulations, and training activities to validate incident response readiness. Collaborate with IT, AppSec, and Red Team functions to improve defenses and close security gaps. Document findings, lessons learned, and recommendations for enhancing overall security posture. Partially contribute to security policies, standards, and compliance initiatives (ISO 27001, SOC2, etc.) and collaborate with the GRC team. Integrating AI solutions into the proactive defense system. Your Skills and Experience We are looking for a highly motivated person with: 2-3+ years of experience in security operations, blue team engineering, or incident response. Strong experience with SIEM platforms (e.g., ELK Stack, Wazuh, Splunk, Graylog), EDR tools, IDS/IPS, and network security. Hands-on expertise in log analysis, network traffic analysis, memory and application forensics, and endpoint forensics. Foundation skills in malware analysis. Experience with scripting/automation (Python, PowerShell, Bash, etc.). A proactive attitude & the ability to think outside of the box Works in an organised, structured manner Can do attitude, gets things done Excellent communication skills with diverse audiences Strong critical thinking and analytical skills Nice-to-have: Solid understanding of security frameworks and methodologies (MITRE ATT&CK, NIST CSF). Foundation knowledge in Ai integration to Blue team system. English communication. Experience leading or mentoring SOC analysts or security engineers. Relevant certifications: CompTIA Security+, GCIA, GCIH, GCFA, CHFI, CCD, BTL1 or equivalent. Why You'll Love Working Here Annual bonus: 2 - 3 months under minimum KPI requirement Fast promotion opportunities based on personal ability Work in a dynamic, open, creative environment Regular training, company team building, birthday bonus About Concung.com Working time: 8:30 - 17:30 Monday - Friday Working place: 5th Floor, Keystone AI Super Center, 09 Nguyen Trai Street, Ben Thanh Ward, Dist. 1, HCMC

Read the full posting on itviec

FAQ

Is the Blue Team Engineer Security Python Siem Edr Ids Ips Con Cung 0151 role at Keystone AI remote?+

This Blue Team Engineer Security Python Siem Edr Ids Ips Con Cung 0151 position is listed as onsite (Quận 1, Hồ Chí Minh).

What seniority level is this Blue Team Engineer Security Python Siem Edr Ids Ips Con Cung 0151 role?+

This is a unknown level position.

How do I apply for the Blue Team Engineer Security Python Siem Edr Ids Ips Con Cung 0151 role at Keystone AI?+

Use the "Apply on itviec" button to open the original posting on itviec, where you can submit your application directly to Keystone AI.