We are looking for a qualified security test analyst with recent and relevant working experience as a software security tester. You’ll be responsible for the execution of security tests on a wide variety of internal and external-facing web-based applications. You also will assist with the continuous improvement of the processes critical to the success of the team. In this role, you will be helping DevOps and development teams.
Duties and Responsibilites
- Perform penetration tests on computer systems, networks, and applications
- Create new testing methods to identify vulnerabilities
- Perform physical security assessments of systems, servers, and other network devices to identify areas that require physical protection
- Pinpoint methods and entry points that attackers may use to exploit vulnerabilities or weaknesses
- Search for weaknesses in common software, web applications, and proprietary systems
- Research, evaluate, document, and discuss findings with IT teams and management
- Review and provide feedback for information security fixes
- Establish improvements for existing security services, including hardware, software, policies, and procedures
- Identify areas where improvement is needed in security education and awareness for users
- Be sensitive to corporate considerations when performing testing (i.e. minimize downtime and loss of employee productivity)
- Stay updated on the latest malware and security threats
Skills and Competencies:
- Candidate must possess a Bachelors Degree in Information Technology, Computer Science, Engineering, or other relevant programs.
- Minimum of 7 years of Security Vulnerable, Exploitation, and Penetration testing experience.
- Experience with OWASP testing Guide / Open Source Security Testing Methodology Manual.
- Experience deploying enterprise security testing solutions.
- Certified Ethical Hacker (CEH).
- Offensive Security Certified Professional (OSCP).
- Other relevant certifications (e.g., OSWE, OSCE, GPEN) are a plus.
- Proficiency in using penetration testing tools such as Metasploit, Burp Suite, Nessus, Wireshark, and Nmap.
- Experience with pen-testing process automation (eg. scripting).
- In-depth knowledge of common vulnerabilities and attack vectors, as well as the ability to exploit them.
- Background with Qualys, Tenable, and OpenVAS Vulnerability Scanners.
- Strong understanding of network protocols, operating systems, and web application technologies.
- Ability to perform application and infrastructure threat modelling.
- Strong communication skills, both written and verbal, to effectively convey findings and recommendations to technical and non-technical stakeholders.
Contract Type: Full-Time
Location: BGC Taguig Philippines
Division: Technology
Organization: Solutions 30 (S30)
Assigned Recruiter: MaryAnne.Tablate
Sorry! This job has expired.