Information Technology

Security Consultant (Penetration & Vulnerability)

Kuala Lumpur, Malaysia

IT Consulting & Services / Leading Cloud Solutions Provider

Our Client was incorporated in 2003 and is a leading cloud solutions provider that has helped to transform and maximise the digital possibilities of some of the biggest names in the region. With a superior technical knowledge of the entire cloud ecosystem, deep understanding of customer needs at different levels of cloud maturity, and a relentless pursuit of breaking new ground, they are a preferred partner for various Singapore government agencies, MNCs and private organisations. Today, they are a large family network of over 600 professionals across 6 offices in Singapore, Indonesia, Malaysia and Australia.

Now, they are looking for experienced security professionals who can achieve a secured environment for our applications, system, and network infrastructure.

You must have strong experience in performing penetration testing and vulnerability management services for applications, network systems, operating systems and databases. Candidates should have experience with black box and grey box.

Knowledgeable in penetration and vulnerability testing, and experience with black box and grey box testing in web/mobile or Thick client applications.

Compulsory experience

Knowledgeable in penetration and vulnerability testing, and experience with black box and grey box testing in web/mobile or Thick client applications.

What You Will Do

Conduct security assessments such as penetration and vulnerability tests, and perform Blackbox/Greybox testing of Web/Mobile or Thick client applications.

Perform Network Vulnerability Assessments and Penetration Testing.

Risk Evaluation of observed vulnerabilities based on common risk scoring techniques such as Common Vulnerability Scoring System (CVSS).

Perform Configuration Review to check compliance with Security Hardening baselines.

Create detailed report of findings and recommendations after testing is complete and present to stakeholders.

Coordinate with developers/stakeholders on the findings for appropriate fixes.

Meeting with clients and analyzing the client’s assets and identifying which security measures are needed, and establishing security protocols and policies, as well as designing security plans to protect the client’s assets.

What You Need:

Degree in Computer Science / IT Security or other related disciplines with the equivalent experience.

Possess an overall exposure and understanding of Application and Network Security testing (Vulnerability Assessment & Penetration Testing, VAPT).

Detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, Session Management issues, Insecure Direct Object reference, Click jacking, buffer overflows, etc.

Good understanding of network technologies and protocols such as NIPS, IDS, TLS/SSL, DLP, firewalls, WAF, DNS and other common technologies and protocols.

Ideally experienced in one or more of the following:
i) manual application penetration testing of web- based applications, thick- client applications, mobile applications, web services, API s etc.

ii) manual mobile application penetration testing on platforms like Android, IOS, etc both client and server-side applications.

iii) automated web application vulnerability scanners (e.g. Web inspect, Burp suite Pro, etc)

iv) Experience in performing Network VA using popular tools such as Nessus or Nexpose.

v) Experience in performing Network Penetration Testing for both internal and external networks.

vi) Have performed Black Box / Grey Box Application penetration testing.

vii) Knowledge in Configuration Review based on standard CIS security hardening baselines or custom baselines.

Certifications that would be added advantage – OSCP, GIAC Certifications (GWAPT, GPEN) CREST CRT, OWSE, CEH

What's On Offer:

  •   Offered Salary

:

Up to RM 11,000 + Benefits

  •   Working hours

:

40 hours spread over 5 days a week

  •   Type             

:

Permanent

  •   Work Location 

:

Kuala Lumpur, Malaysia

  •   Offered Benefits

:

Competitive salary, 14 Days of annual leave, Private Health Insurance, Various extracurricular activities (sports, music, etc.), Company dinner, Opportunity to work in Singapore Headquarter, Young, dynamic and vibrant atmosphere, All around snacks, drinks, coffee, tea, Opportunity to work hybrid/from home.

Ease of access: Central HQ location + Open for WFH arrangements!