Vulnerability Analyst and Penetration Tester
Thailand
True Digital Group
Enabling Digital Transformation As a subsidiary of True Corporation, a leading communications conglomerate in Thailand, True Digital Group (TDG) ambition is to transform Thailand and the region for digital revolutions. uncover new...Be A Part Of TDG
We aim to be an integral part of Thai consumers’ everyday digital activities. As the leading figure in this field, our highest objectives are to deliver integrated digital lifestyle, point and pay, and enable technology service provider in Thailand with regional presence. With our merchants covering all facets of daily lifestyle and transactions, we firmly believe that our key target of being the prime digital media and telco ecosystem is within our reach.
Why Work With Us?
To us, the word digital does not merely translate to technology, but it signifies something far more revolutionary and life-changing. As a start up corporation, we have prime leaders and experts from various industries that seek to enhance you professionally and grow together as a company. Accompanied by creative and data-minded specialists, we believe in extraordinary happenings.
TDG Cyber Security
Our team's mandate is to provide world-class service in Cyber Security as the leading Cyber Security service provider in Thailand and ASEAN Market. You will be joining TDG's Cyber Security team to protect our clients from cybercrime and support multifaceted countermeasures against cyber attacks by Threat Intelligence and remediation automation.
Key Responsibilities
- Performs security vulnerability assessment and penetration testing of internal, perimeter, external and wireless network and web and mobile applications.
- Identifies security weaknesses and vulnerabilities, and non-compliance within the MDR Centre constituency.
- Characterizes threats and provides recommendation for remediation.
- Advises appropriate business units on technical configuration and process changes, remediation and best practices to adapt to changing threat, vulnerabilities and new attack methods.
- Conducts follow up assessment to ensure proper action has been taken.
- Researches and develops testing tools, technique and process.
- Maintains, executes and refines processes to monitor, collect and update information about threats and vulnerabilities
Qualifications
- Bachelor degree in a related field such as information security, management or computer engineering.
- Experience in security incident management and response, threat modelling, penetration testing and/or secure application development.
- Active OSCP, GPEN, GWAPT, GXPN, CEH, ECSA, LPT certifications good to have.
- Other relevant certifications (such as GCIH, GCIA, GCFA and others) desirable.
- Experience in architecture design and assessment (manual approach to penetration testing).
- Good working knowledge of security concepts for both Windows and Unix related operating Systems.
- Familiar with application and infrastructure vulnerabilities.
- Experience with exploit research and mitigation.
- Good working experience using various assessment tools, such as scanners, administrative utilities, local proxies, debuggers, fuzzier, etc.
- Good working knowledge of web technologies, solutions and attack vectors that apply to application technologies, such as OWASP.
- Experience with threat modelling methodologies.
- Experience with security source code review or development experience in C/C++, C#, VB.NET, ASP, or Java.
- Familiar with application reverse engineering techniques and procedures.
- Good working knowledge of IDS and AV evasion techniques.
- Working experience in a MDR Centre, Security Operations Centre (SOC), Managed Security Service Provider (MSSP) or enterprise network environment preferred
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation C CEH Compliance Cyber crime ECSA Exploit GCFA GCIA GCIH GPEN GWAPT GXPN IDS Java OSCP OWASP Pentesting Reverse engineering SOC Threat intelligence UNIX Vulnerabilities Windows
Perks/benefits: Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs