Junior Cybersecurity Engineer (IoT / OT / ICS)

As a Cyber Security Engineer, you will be part of a team responsible for delivering cybersecurity testing and conformity assessment services for connected products. The role focuses on ensuring that IoT, OT, and ICS products meet applicable security standards and regulatory requirements through structured testing, evaluation, and documentation.

Key Responsibilities:

• Perform cybersecurity testing (e.g. vulnerability assessment, penetration testing, basic code review, threat modelling) on IoT, OT, and ICS products and systems
• Assess and document security weaknesses across systems, configurations, and communication protocols (e.g. TCP/IP, MQTT, Modbus, BLE, Zigbee)
• Execute conformity assessment activities, including technical evaluations and review of product documentation (e.g. security architecture, design specifications, user guidance)
• Review and assess manufacturer-provided risk assessments, identify gaps or missing considerations, and support evaluation of their adequacy against applicable standards and requirements
• Prepare clear, structured, and comprehensive technical documentation and reports to support assessment and certification outcomes
• Engage and collaborate with customers to clarify technical scope, product configurations, test plans / scope of work, and assessment findings
• Collaborate with internal teams to ensure consistent, high-quality, and timely delivery of assessments
• Stay current with relevant standards, tools, and emerging threats within the IoT/OT/ICS landscape

Key Requirements

• Degree in Computer Science, Information Security, Computer/Information Engineering, or a related field
• 2–3 years of experience in cybersecurity or product-based technologies (preferably IoT, OT, or ICS)
• Hands-on experience or exposure to cybersecurity testing (e.g. vulnerability assessment, penetration testing, basic code review, threat modelling)
• Strong foundational knowledge of cybersecurity principles and methodologies, including vulnerability assessment and basic security testing approaches
• Familiarity with cybersecurity frameworks and standards (e.g. OWASP, NIST, MITRE, CIS) and exposure to product security or conformity assessment standards (e.g. ETSI EN 303 645, IEC 62443, NIST IR 8259A, CRA, RED)
• Basic understanding of risk assessment frameworks (e.g. NIST RMF) and ability to review risk assessments in a product security context
• Working knowledge of IoT/OT/ICS architectures and communication protocols (e.g. TCP/IP, MQTT, Modbus, CAN, BLE, Zigbee, Wi-Fi)
• Ability to execute structured testing and follow defined conformity assessment procedures accurately
• Strong analytical thinking with attention to detail and ability to identify security gaps or non-obvious risks
• Ability to produce clear, structured, and audit-ready technical documentation
• Strong communication skills for working with internal teams and supporting customer interactions
• Ability to work in a structured, process-driven environment while adapting to evolving project needs
• Entry-level or intermediate cybersecurity certifications (e.g. eJPT, PenTest+, Security+) are an advantage; exposure to audit or assurance certifications (e.g. CISA) is a plus

Others (Benefit):

• Working in an international dynamic and friendly environment
• 15 annual leaves, 15 paid sick leaves, Christmas leave
• 13th-month salary, bonus based on performance and business result
• Social insurance, health insurance, unemployment insurance base on full basic salary (Vietnamese Law)
• Insurance benefit package (Accident insurance 24/7, Health care insurance, Business travel insurance), annual health check
• Free parking 
• Ad-hoc staff engagement events, team-building activities, company trip
• Participate in the company’s training programs, LinkedIn Learning license holder (fee supported by company base on company’s policy)