AlamatAbout The Job:
We are looking for a passionate security professional who has a proven track record. Here, we will improve the security of the application and the company by focusing on building automation and continuous checking. You will be part of the change and progress to the new way of security management.
Responsibilities:
- Perform regular security assessments & penetration testing for applications,
- Monitor security alerts and incidents, and investigate potential security breaches.
- Develop and continuously improve current Security Orchestration, Automation, & Response to Application Development,
- Create weekly and monthly reports of security monitoring, security incidents, & penetration testing.
- Collaborate with other teams to handle security technology, issues, incidents & awareness,
- Participate in PCI DSS and ISO 27001 audits.
- Willing to learn new knowledge in the field of Cyber Security and continuously update skills to evolving cyber threats.
Requirements:
- Minimum 3 years of experience in Information Security,
- Good communication skills, able to explain technical language to business users,
- Team player, able to work together with peers in the technology team and other employees,
- Experienced in penetration testing (web application / mobile application),
- Experienced in hybrid infrastructure & Kubernetes (OnPremises and Cloud GCP),
- Experienced in using security defense technologies (such as SIEM, Firewall, etc),
- Experienced in security incidents and investigations,
- Experienced in scripting and programming (Java/ Python/ Golang),
- Experienced with risk scoring (OWASP Risk Rating, CVSS),
- Experienced working with SQL languages (such as PostgreSQL, MySQL, etc),
- Experienced using versioning control (Git),
- Experienced with CI/CD pipelines, including SAST and DAST using proper technology,
- Good in written, and verbal communication and presentation skills,
- Cloud Security Posture Management(CSPM) knowledge will be an added advantage.
- Having Professional Certifications such as OSCP/ OSWE/ CRT/ GCIH/ GMON/ CSSLP/ CEH or other relevant certificates is a plus.
