Security Engineer Offensive Security

Axonect


Job Location:

Kuala Lumpur - Malaysia

Monthly Salary: Not Disclosed
Posted on: 4 hours ago
Vacancies: 1 Vacancy

Job Summary

Overview

We are looking for smart talented and self-motivated cyber security professionals to join our fast-growingSecurity Operations team at Axiata. As an Offensive security engineer you will be working with companiesacross Southeast Asia to solve security challenges at scale and speed. If you are passionate about all thingscyber security and looking for an exciting every day then this role is for you!

Key Responsibilities

  • Perform manual penetration testing of web application mobile API and networks to discover andexploit vulnerabilities
  • Clearly document communicate findings and remediation recommendations to the application/serviceowners
  • Liaise with internal stakeholders to ensure timely delivery of security assessments
  • Perform regular VA/PT of web mobile network and API applications
  • Identify the internet exposure of our operating companies and constantly evaluate the security posture
  • Document vulnerabilities impact and recommendations in a systematic manner
  • Take on security challenges take ownership of them and drive them to completion

Person Specifications

Required Qualifications

  • Minimum 2 years of experience performing vulnerability assessments and penetration testing on Web/Mobile/Network/API applications
  • Excellent understanding of OWASP Top 10 vulnerabilities and its mitigations
  • Clear understanding of networking fundamentals: OSI layers TCP/IP protocols etc.
  • Experience working on a GNU/Linux based penetration testing operating system and the command line(such as Kali Linux Parrot BlackArch etc.)
  • Experience with automation scripting and fluent in at least one programming/scripting language
  • Experience working on open-source and commercial tools like Burp Suite Nuclei Frida Nessus etc.
  • Good spoken and written English skills

Preferred Qualifications

  • Security certifications: OSCP OSWE CRTP GIAC certs or equivalent
  • Knowledge of Cloud penetration testing: AWS Azure etc.
  • Knowledge of Windows penetration testing: Active Directory Azure ADCVE publications knowledge of exploit development
  • Talks/workshops organized at security conferences
  • Excellent bug bounty track record
  • Open-source contributions made to security tools scripts & solutions
  • Development background and code review capabilities
  • Experience with OT penetration testing
Overview We are looking for smart talented and self-motivated cyber security professionals to join our fast-growingSecurity Operations team at Axiata. As an Offensive security engineer you will be working with companiesacross Southeast Asia to solve security challenges at scale and speed. If you are...