Job Description

1. Full ownership of scoping, planning and running white and grey box penetration tests against identified systems, using professional penetration testing tools
2. Provides periodic penetration testing and professional analysis of Mobile App and APIs in Microservices Environment
3. Assist to design log aggregation pattern and criteria using ELK or Splunk Core, for easier threat findings
4. Liaising with Security Operation Center Team (SoC) in monitoring Threats
5. Analyze and triage information security incident using our existing Service Level management flow
6. Escalate high priority information security incident to supervisor.
7. Research on recent information security trends - using threat intel or other appropriate tools/scanner
8. Conduct scheduled Vulnerability Management

Requirements

• Bachelor degree in Information Technology/Computer Science/Information System with 2 years of professional work experience as a Ethical Hacker or Professional Penetration Tester
• Having at least 2 years of experience as Information Security or IT Governance or IT Auditors
• Having an excellent knowledge of ISO27001
• Understand the OWASP testing methodology and have knowledge of penetration testing tools
• Having sufficient knowledge of security testing requirements of common security regulations
• Having at least 1 year in working in the Cloud-based environment
• Having CEH certification would be much more preferred