Application Security Specialist & Penetration Tester

Wizlynx Cyber Security Limited-company-logo
Application Security Specialist & Penetration Tester
Wizlynx Cyber Security Limited
网络安全
中西区, 香港
7 天前
实习
办公室工作
技术、信息和媒体
工作描述
52 天前
Key Role

As Application Security Specialist & Penetration Tester, you will lead and execute a variety of engagements, conducting secure code review and advanced hands-on penetration testing beyond automated tool validation, which will focus on targets that may include network devices, servers, web and mobile apps, web APIs, wireless infrastructures, IoT devices, and other information systems.

You will have the opportunity to combine technical expertise with your imagination to conduct targeted attacks and discover vulnerabilities, with the goal of ensuring wizlynx group’s customers remain one step ahead of its adversaries.

This role will be part of a team of Cyber Security Experts, providing excellent services to customers and internal teams.

What your keys responsibilities will be
• Responsibilities may include the following, but are not limited to:
• Lead and execute secure code review, network, web application, wireless penetration tests that will vary in level of complexity from simple to potentially complex
• Author quality secure code review and penetration test reports with professional documentation of identified and exploited vulnerabilities/weaknesses
• Provide detailed remediation guidance for findings
• Serve as a consultant in pre-sales, including assessment of client needs, project scopes and proposal preparation
• Share all knowledge and training with internal colleagues and teams
• Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, security standards, trends / best practices, offensive techniques, tools and software development paradigms

What we are looking for

Minimum Experience:
• Bachelor’s degree, preferably in computer science or information systems, or equivalent work experience
• Minimum of one year professional experience in penetration testing and code review
• Technical knowledge across a broad range of computing platforms and network protocols
• High proficiency in a variety of operating systems such as Unix/Linux/Mac/Windows operating systems, including bash and PowerShell
• High proficiency in manual techniques for penetration testing (network equipment, servers, web applications, APIs, wireless, mobile, databases, and other information systems)
• Proven professional experience testing web applications for common web application security vulnerabilities as defined by OWASP, including input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting issues, SQL injection and web server configuration issues
• Good knowledge of both static and dynamic analysis of an application, be it web-based, mobile app, or standalone
• Experience with tools such as Microfocus Fortify or Checkmarx are an asset
• Ability in reviewing source code, including the evaluation of best practices for the platform/framework in use
• Very good knowledge of one or more of the following programming languages & frameworks: Python, .NET, Perl, and Java.
• Tools – Proxies, Port Scanners, Vulnerability Scanners, Exploit Frameworks (ex: Burp, Nessus, Nmap, Metasploit)
• Strong oral and written communication skills, including a demonstrated ability to prepare quality documentation and presentations for technical and non-technical audiences
• Certifications such as OSCP, OSCE, OSWE, CREST CRT, GIAC (GXPN, GWAPT, GPEN, GMOB, GWEB) others are an asset

Language Skills:
• Excellent communication skills in English and Cantonese (written and spoken); Other languages are an advantage.

Soft Skills:
• Excellent interpersonal skills, capable to interact with people at all levels; team player
• Action-oriented and results driven
• Organized with strong time-management skills
• Ability to dynamically switch among different tasks
• Flexible attitude, reliable
• Customer friendly approach and appearance
• Willingness to travel
• Strong problem-solving and analytical skills

What we are offering you

You will get the opportunity to work with the best cyber security experts in a multi-cultural environment.

At wizlynx group, you will also have the chance go to conferences, participate to ethical hacking competitions, attend advanced trainings and pass highly recognized certifications. We are offering you to work in a thrilling, challenging but fun environment where what you do is important and meaningful. At wizlynx, there is no limit but the sky. If you wish to learn and get involved in other areas of cyber security or the business, we will ensure that you get all the help you need to succeed. Furthermore, as senior penetration tester, you will be part of the wizlynx red teaming services consisting in emulating real-world threats using cybercriminals TTPs. You will get dedicated time for security research on topics that interest you the most.

Who we are

wizlynx group is an ethical, trustworthy, and vendor agnostic Swiss Cyber Security provider. Our customers rely on us to effectively protect their business and trade secrets against any form of cybercrime, such as malware outbreak, malicious insiders, cyberattacks, cyber espionage, data leakage, and more.

We live and breathe Cyber Security! For this reason, we have designed a service portfolio that covers the entire risk management lifecycle to ensure our customer benefits the most from our passion and experience, but primarily to maximize their protection.

Our Cyber Security Services rely on highly skilled security professionals and penetration testers with long-lasting experience, both in defense and offense, while holding the most recognized certifications in the industry.

Apply now if you think you are a good match! We will respond to let you know what the next steps are, but in the meantime feel free to check us out: https://www.wizlynxgroup.com/
分享到
更多类似工作
Wizlynx Group-company-logo
Application Security Specialist
Wizlynx Group
中西区, 香港
Wizlynx Group-company-logo
Cyber Security Consultant
Wizlynx Group
中西区, 香港
Centurion Information Security-company-logo
Penetration Tester
Centurion Information Security
中西区, 香港