Information Security Specialist (Offensive Security)

Education

Graduate of any IT, or Engineering-related courses

Qualifications

Skills

• Experience in system administration of Unix like Operating Systems and/or Windows as well as system services or daemons
• Knowledgeable of TCPI/IP concepts and ability to analyze packet captures.
• Experience with various network and system security controls. 
• Understanding on the anatomy of various security incidents, ex: CSS, CSRF, SQL Injection, DDoS, rootkits, malware, OS exploitation, etc.
• Proficient written and verbal English communication skills
• Good understanding of Linux & Windows system internals Coding/Scripting skills in one or more languages (C/C++, C#, Ruby, Python, PowerShell)

Work Experience

• 3+ years of relevant experience in penetration testing and security assessments
• Previous hands-on experience with system and/or network administration
• Previous experience with Systems, networks, or Security Operations.

Duties and Responsibilities

KRAs of the position; Roles, responsibilities, and duties

• Plan and execute the following Penetration Testing on defined target systems/scope
  • Network Penetration tests
  • Web Application Penetration tests
  • Application Penetration tests
  • Cloud Infrastructure Pentest (AWS, Azure, Alibaba, etc.)
• Leverage knowledge of Advanced Persistent Threats (APTs) to develop red team simulations consistent with real-world attack scenarios
• Assists in managing penetration testing processes and procedures, and produce meaningful metrics and reports
• Assists in managing remediation including mentoring vulnerability management and penetration testers in working with Information Technology to architect solutions
• Others
  • Mobile application Penetration tests (Android, IOS, Windows Mobile) Embedded device tests
• To perform any task that may be assigned from time to time