Identify and exploit vulnerabilities in commercial, open source, custom software applications and infrastructure across global stores and corporate environments.
Align test reports and evidence according to Strategy, Governance, Risk, and Compliance (SGRC) processes. Past experience with PCI a plus.
Perform application, web, mobile and network penetration tests using both automated and manual techniques
Perform ad-hoc security consulting for IT and business partners
Develop scripts, tools, methodologies and best practices to improve offensive capabilities
Demonstrate advanced knowledge of operating systems internals and cloud environments. Past experience with Azure and Oracle preferred.
Participation in Research and Development, and Product Management thought leadership to emphasis Information Security considerations early in the conceptual decision-making processes.
Participate in the development and execution of the security awareness strategy
Participate in the development and maintenance of security reference architectures
Maintain the incident response process and perform incident response as necessary
Requirement
BA in Computer Science or comparable practice / experience
Security certification such as CISSP, OSCP, OSCE, GPEN, or equivalent.
Minimum 2 years of relevant experience in IT Security function / IT risk management and / or relevant positions with consulting / audit companies operating in the local market.
Ability to script and build automation to eliminate reoccurringepetitious work with experience in Python or Java
Experience with penetration testing tools like Burp Suite, Metasploit, Nmap
Benefit
Attractive package and compensation,
Young and active environment in one of the top Fintech Company in Vietnam,
All Ideas are appreciated - No barriers- No limitation,
Performance-based bonus,
Private Healthcare Insurance package
Chance to work with strong people with oversea experienced.