KMS was established in 2009 as a U.S.-based software development & consulting company with development centers in Vietnam. Over 13 years of operation, we have been trusted globally for the superlative quality of software services, products, technology solutions and engineers' expertise.

• KMS Technology focuses on custom software development and a wide variety of consulting services
• KMS Healthcare specialises in the healthcare industry, provides a unique blend of consultative healthcare technology solutions backed by the power of full lifecycle development support
• KMS Solutions serves the Asia Pacific region, bringing the world's innovative technologies to help organizations achieve their business goals through world-class digital capabilities and fit-for-purpose solutions

Besides providing services, KMS builds and successfully launches its own software companies through its internal startup incubator, KMS Labs. The most notable companies with millions of users worldwide include QASymphony, Kobiton, Katalon, Grove, and Visily.

KMS is committed to providing tangible contributions and long-lasting impacts to the communities through leveraging our IT expertise. The company has also been recognized by prestigious industry awards as a great workplace in Vietnam, Asia, and the U.S. for many years in a row.

Responsibilities:

• Implement and manage security tools include Firewall, IDS/IPS technology, threat and vulnerability management, DLP tools, traffic inspection solutions, reporting and data analytics platforms.
• Investigate suspicious activities within IT systems and networks, identify the infected hosts and prevent them from affecting the rest of the network. Correlate and validate alerts to ensure they represent relevant security incidents.
• Monitoring for Endpoint protection activities such as DLP, Antimalware, FDE, etc. for resolving the non-compliance issues.
• Detects vulnerabilities from tool vulnerability scan and the external resource, analyze, assess the risk, prioritize and coordinate with related parties for remediation, report & continue monitoring.
• Threat Intelligence and Information Intelligence to foresee the potential impact may happen to systems and Company reputation.
• Incident handling follows the Company incident management process, investigating the incident, collecting logs, coordinating with related parties to resolve the identified security issues & reports to the Security Manager. 
• Join team to conduct the penetration testing projects on Company’s infra and systems in production and development environments.
• Support security awareness campaigns such as phishing campaigns, update security news periodically to raise employee awareness.
• Support ISMS Team to maintain and improve the current practices by following industrial standards such as: ISO 27001 family, SOC 2, HIPAA, PCI-DSS.

Knowledge and Skills:

• Have 2 - 3 years experience in cyber security, especially in SOC analyst or security operation.
• Experience in detecting policy violations or security incidents using log management platforms, threat prevention and intrusion detection systems.
• Experience in using Vulnerability Scanning Tool (Nessus, OpenVAS, or any other platforms) and ability to analysis scanning reports.
• Ability to script and automate repetitious tasks (using Python, Powershell as a plus).
• Familiar with cyber security threat hunting such as: OSINT, Shodan, Censys, Spiderfoot, etc. is a plus.
• Familiar with cybersecurity technologies and tools such as: Next-gen firewall, N-IDS/H-IDS, Cloud infrastructure, SIEM, Kali Linux tools set, IoT, etc. is a plus.
• Knowledge at Penetrating Testing, Red Teaming, Threat Hunting will be an advantage.
• Having knowledge of ISO 27001, SOC2, GDPR, CSA (Cloud), HIPAA, PCI-DSS is an advantage.
• Demonstrate strong organizational skills, including time management and ability to prioritize and manage a range of tasks pro-actively.
• Demonstrate good logical thinking and problem-solving skills.
• Ability to effectively prioritize, take ownership and execute tasks in a high-pressure environment.
• Highly motivated, self-directed.
• Good at English in communication skills including oral and written so can communicate with US Clients.

Education/Training Preferred:

• Bachelor’s degree in Computer Science related field or equivalent work experience.
• Security certificate: Security+, CEH, CHFI, ECIH other equivalent or higher certificates is an advantage.
• IT certificate: MCSE, LPI, CCNA, CCNP is also a plus.

Perks You'll Enjoy 

• Working in one of the Best Places to Work in Vietnam
• Building large-scale & global software products
• Working & growing with Passionate & Talented Team
• Diverse careers opportunities with Software Outsourcing, Software Product Development, IT Solutions & Consulting
• Attractive Salary and Benefits
• Two performance appraisals every year and performance bonus
• Onsite opportunities: short-term and long-term assignments in North American (U.S, Canada), Europe, Asia.
• Flexible working time
• Various training on hot-trend technologies, best practices and soft skills
• Premium healthcare insurance for you and your loved ones
• Company trip, big annual year-end party every year, team building, etc.
• Fitness & sport activities: football, tennis, table-tennis, badminton, yoga, swimming…
• Joining community development activities: 1% Pledge, charity every quarter, blood donation, public seminars, career orientation talks,…
• Free in-house entertainment facilities (foosball, ping pong, gym…), coffee, and snack (instant noodles, cookies, candies…)

And much more, join us and let yourself explore other fantastic things!