We are looking for smart talented and self-motivated cyber security professionals to join our fast-growingSecurity Operations team at Axiata. As an Offensive security engineer you will be working with companiesacross Southeast Asia to solve security challenges at scale and speed. If you are passionate about all thingscyber security and looking for an exciting every day then this role is for you!
Key Responsibilities
Perform manual penetration testing of web application mobile API and networks to discover andexploit vulnerabilities
Clearly document communicate findings and remediation recommendations to the application/serviceowners
Liaise with internal stakeholders to ensure timely delivery of security assessments
Perform regular VA/PT of web mobile network and API applications
Identify the internet exposure of our operating companies and constantly evaluate the security posture
Document vulnerabilities impact and recommendations in a systematic manner
Take on security challenges take ownership of them and drive them to completion
Person Specifications
Required Qualifications
Minimum 2 years of experience performing vulnerability assessments and penetration testing on Web/Mobile/Network/API applications
Excellent understanding of OWASP Top 10 vulnerabilities and its mitigations
Clear understanding of networking fundamentals: OSI layers TCP/IP protocols etc.
Experience working on a GNU/Linux based penetration testing operating system and the command line(such as Kali Linux Parrot BlackArch etc.)
Experience with automation scripting and fluent in at least one programming/scripting language
Experience working on open-source and commercial tools like Burp Suite Nuclei Frida Nessus etc.
Good spoken and written English skills
Preferred Qualifications
Security certifications: OSCP OSWE CRTP GIAC certs or equivalent
Knowledge of Cloud penetration testing: AWS Azure etc.
Knowledge of Windows penetration testing: Active Directory Azure ADCVE publications knowledge of exploit development
Talks/workshops organized at security conferences
Excellent bug bounty track record
Open-source contributions made to security tools scripts & solutions
Development background and code review capabilities
Experience with OT penetration testing
Overview We are looking for smart talented and self-motivated cyber security professionals to join our fast-growingSecurity Operations team at Axiata. As an Offensive security engineer you will be working with companiesacross Southeast Asia to solve security challenges at scale and speed. If you are...
Overview
We are looking for smart talented and self-motivated cyber security professionals to join our fast-growingSecurity Operations team at Axiata. As an Offensive security engineer you will be working with companiesacross Southeast Asia to solve security challenges at scale and speed. If you are passionate about all thingscyber security and looking for an exciting every day then this role is for you!
Key Responsibilities
Perform manual penetration testing of web application mobile API and networks to discover andexploit vulnerabilities
Clearly document communicate findings and remediation recommendations to the application/serviceowners
Liaise with internal stakeholders to ensure timely delivery of security assessments
Perform regular VA/PT of web mobile network and API applications
Identify the internet exposure of our operating companies and constantly evaluate the security posture
Document vulnerabilities impact and recommendations in a systematic manner
Take on security challenges take ownership of them and drive them to completion
Person Specifications
Required Qualifications
Minimum 2 years of experience performing vulnerability assessments and penetration testing on Web/Mobile/Network/API applications
Excellent understanding of OWASP Top 10 vulnerabilities and its mitigations
Clear understanding of networking fundamentals: OSI layers TCP/IP protocols etc.
Experience working on a GNU/Linux based penetration testing operating system and the command line(such as Kali Linux Parrot BlackArch etc.)
Experience with automation scripting and fluent in at least one programming/scripting language
Experience working on open-source and commercial tools like Burp Suite Nuclei Frida Nessus etc.
Good spoken and written English skills
Preferred Qualifications
Security certifications: OSCP OSWE CRTP GIAC certs or equivalent
Knowledge of Cloud penetration testing: AWS Azure etc.
Knowledge of Windows penetration testing: Active Directory Azure ADCVE publications knowledge of exploit development
Talks/workshops organized at security conferences
Excellent bug bounty track record
Open-source contributions made to security tools scripts & solutions
Development background and code review capabilities