The core focus for this position is having strong knowledge and experience in penetration testing and application security. This professional is required to do hands-on penetration testing, vulnerability assessments and security incident management.
• Lead and perform hands-on penetration testing of web applications, APIs, infrastructure, mobile (iOS/Android), and network in order to assess and validate the security posture
• Perform vulnerability scans and assessments
• Conduct security code reviews and make recommendations to developers
• Drive security awareness of secure coding practices and techniques
• Write high quality security reports on identified security vulnerabilities, including recommendations to remediate, and delivery of report to stakeholders
• Work collaboratively with key development and operations stakeholders in order to establish and deliver a secure CI/CD pipeline
• Support incident management response and investigation activities such as triage, threat analysis, end-user interviews, and remediation efforts
• Provide subject matter expertise, security consulting, and advisory services to business entities and project teams
• Excellent time management and ability to work on multiple projects as needed
• Manage key security assurance suppliers as required
• Conduct offensive research to evaluate emerging cyber security threats and trends
• Maintain up-to-date knowledge of the latest attacks, vulnerabilities, mitigation strategies, industry best practices and regulations
• Build strong working relationships across the business and technology teams
• One or more industry-recognised certifications in penetration testing (OSCP, OSWE, OSCE, CREST CCT / CRT, SANS, etc.)
• Bachelor's/Master's level qualifications in Management, Engineering, Law, Computer Science, IT, Business or Commerce are desirable
If you are interested in hearing more information about this role/client, please contact Robyn on email@example.com or +852 5264 0358.