Manager/Technical Lead, PenTesting Manager/Technical Lead, PenTesting …

ConnectedGroup Limited
in Hong Kong
Permanent, Full time
Be the first to apply
Negotiable
ConnectedGroup Limited
in Hong Kong
Permanent, Full time
Be the first to apply
Negotiable
Our client is one of the biggest organisations, they are looking for a Manager/Technical Lead (PenTesting) with experience in Information Risk and Security management and extensive experience in performing application security assessments.

Our client is one of the biggest organisations, they are looking for a Manager/Technical Lead (PenTesting) with experience in Information Risk and Security management and extensive experience in performing application security assessments.

Responsibilities:

  • Contribute/ lead the management of end-to-end Pentesting, to ensure quality on testing engagements to identify security weaknesses within company's business environments, report on issues and make remediation recommendations
  • Position as a subject matter expert to help support and respond to company's pending requests, anticipate company's needs, and suggest solutions using innovative approaches
  • Involve in all aspects of security PenTesting and vulnerability management engagements which include but are not limited to:
    • Network and host vulnerability assessments and penetration testing.
    • Web application vulnerability assessments and penetration testing.
    • Source code security reviews assisted by automated tools.
    • Exploit research and development skills are a plus.
    • Firewalls, IDS / IPS, and other security device configuration review are a plus.
  • Ensure the quality of reports on findings and recommendations meets the company's quality standard.

Requirements:

  • Preferred certifications: GIAC, CISSP, CEH, OSCP. CISA, CISM, OSCE, OSWE Web Expert, or OSEE Exploitation Expert or equivalent is a great plus.
  • Hands-on experience working with Burp Suite, OWASP Zap, Nmap, Metasploit, Wireshark, and SIEM
  • Experience with digital security and the recent adoption of mobile and web security measures
  • Experienced in secure application coding and application security scanning
  • Expert knowledge of:
    • Windows, Linux, ChromeOS, and macOS,
    • Implants, shells, Command and Control (C2) infrastructure,
    • TCP/IP, IDS/IPS, firewalls, WAF, and web content filtering,
    • Crypto: PGP, SSH, PKI, Network equipment such as Cisco, Palo Alto, and Juniper, AWS environments.
  • Performing penetration tests, vulnerability assessments, and application/infrastructure security reviews for the web and mobile applications
  • Support the development of application coding guideline and application security scanning process and the development a penetration test policy and source code review guidelines
  • Proficiency in both written and spoken English and Cantonese

Interested individuals can click apply now and send updated resume (in WORD format) to Bonnie Chan for further information.

For a more comprehensive list of current opportunities, please visit www.connectedgroup.com

#StayConnected

ConnectedGroup Limited logo
More Jobs Like This
See more jobs
Close
Loading...
Loading...