Security – Purple Team Engineer

Your job responsibilities:

About KiotViet:
KiotViet wishes to transfer a massive power of technology to every business model in Vietnam and Southeast Asia through our simple and effective solutions. KiotViet is committed itself to creating efficient, convenient products for micro, small and medium-size businesses. In over 13 years, with more than 1500 people who form KiotViet in present, we understand that our members of all time are the foundation of KiotViet nowadays and a launchpad for reaching a better KiotViet in the future. KiotViet is committed to creating a work environment that shares success, shares responsibilities.

KiotViet is looking for an experienced cybersecurity professional to join our Purple Team, which is part of the Information Security (Infosec) team. Successful Purple Team members utilize hands-on experience from both offensive and defensive security roles to elevate cybersecurity practices throughout KiotViet.

What you will do:
As a member of the Purple Team, you will:
- Assist with vulnerability research;
- Support incident response efforts;
- Identify weaknesses in security controls, processes, and procedures;
- Create actionable plans to enhance the cybersecurity of initiatives across a large and complex environment.

Your skills and experience:

Core Skills
The ideal candidate should have strong expertise in:
- Operating Systems: Windows, Linux, and Unix;
- Vulnerability research and exploitation techniques across operating systems and software;
- Offensive security tools (e.g., Cobalt Strike, Metasploit, Burp Suite);
- Networking fundamentals, including OSI layers, TCP/IP, and common protocols;
- System and network telemetry from Endpoint Detection and Response (EDR) tools;
Additional Experience:
- Familiarity with security technologies such as firewalls, IDS/IPS, web proxies, and Data Loss Prevention (DLP) systems;
- Hands-on experience with Windows security logging for threat hunting, forensic analysis, or incident response;
- Ability to present complex penetration testing and Red Team results clearly and effectively to technical and non-technical stakeholders.
Preferred Qualifications:
- Background in Security Services or related fields;
- Relevant certifications, such as: Offensive Security: OSCP, OSEP, OSWE. CompTIA: Security+, CySA+. SANS Institute: GPEN. GWAPT, GXPN.

The benefits and perks:

- Top salary range in the market (willing to negotiate);
- Compensation, pay raise approval at least 1 time per year, a 13th month salary depending on employee’s performance;
- Performance bonus (up to 2-month salary);
- Social – Health – Insurance paid fully. Healthcare: Annual health check-up, Premium Health Insurance ( from level senior according to the company's regulations);
- Advantageous and yield benefits, other benefits such as holiday vacations, benefits for employee’s relatives;
- Unlimited chance of being promoted based on employee’s performance.