Senior Penetration Expert/InfoSec-Tester

43 Hồ Văn Huê, Phu Nhuan, Ho Chi Minh
See map
16 days ago

Top 3 Reasons To Join Us

  • Attractive salary based on skills and experiences
  • Free office lunch, coffee, tea and snack everyday
  • 13th month bonus

Job Description

The Senior Penetration Expert (SPE) is responsible for verifying that our mobile & web applications are secure and to advise our teams how to get there. The role involves performing security assessments, threat modeling, and ethical hacking of our network & applications. The SPE will be producing reports and recommendations about the risk of vulnerabilities identified by security assessments and penetration tests for each product team and to build out security standards and practices to be abided by every developer at Floware.

Your Skills and Experience

SKILLS AND EXPERIENCE

  • Excellent working experience performing security audits and compliance checks, including but not limited to network & application penetration testing, vulnerability scans, and other configuration analysis
  • Expert at TCP/IP and networking concepts
  • Knowledge of the software development lifecycle and the ability to create and read code in a modern object-oriented programming language (such as Swift, Objective-C, PHP, etc...) and writing SQL scripts and web code (HTML/JavaScript/etc.)
  • Knowledge of penetration testing against a wide variety of application layer platforms, including web, mobile, thick client, and Reverse Engineering, above and beyond running automated tools
  • Strong understanding of REST API, Security Testing, DAST and SAST tools
  • Ability to perform both manual and automated code reviews
  • General understanding of some of the following security tools – Burp Suite, ZAP, SQLMap, SQLNinja, Metasploit, Nessus, Wireshark, nmap, tcpdump, OSINT, Recon-ng, mimikatz, responder, maltego, aircrack-ng, Cain and Abel, JTR, hashcat, hydra, SET, Nikto, dirbuster, golismero, theHarvester, BeEf, Sparta, wfuzz
  • Passionate about information security and privacy
  • Well versed in security issues affecting financial service organizations as well as widespread data center operations, such as cloud and mobile technology solutions
  • Committed to an ongoing partnership with other high profile groups within the organization (e.g. software development) to insure information security objectives are being understood and embraced
  • Ability to anticipate problems and recommend decisive action
  • Excellent communication skills (both written and oral)
  • Ability to work collaboratively across the organization

HUGE PLUS IF YOU ARE/HAVE

  • Excellent working experience working with any technology like Objective-C, PHP, Golang, C++, Javascript, NodeJS, Linux, MySQL, etc...and implementing security standards & best practices for them.
  • Expert experience developing defense systems & mechanisms against cyber attacks.
  • Expert experience in thinking and being ahead of the game for all security matters.

Why You'll Love Working Here

We challenge ourselves every day to find better solutions and better ways to do things. We ask difficult questions and work together to solve them. We believe in doing the right things as well as doing things right. We value honesty, hard work, integrity, and transparency. We are committed to transforming people’s lives, will you join us today?

COMPENSATION & BENEFITS

  • Friendly, flexible, and fun working environment
  • Very attractive salary based on skills and experience
  • Free office lunch
  • Coffee, tea, snack bar everyday
  • Full income tax, insurance paid by company (Net Salary)
  • 13th month of salary
  • Great opportunity for career development
  • Company trip, team building, monthly party, etc.