Vulnerability Analyst and Penetration Tester

Why work with us

At TDG, the word digital does not merely translate to technology, but it signifies something far more revolutionary and life-changing. As a leading Pan-Asian start-up, we have prime leaders and experts across industries that seek to enhance you professionally and we can grow together as a company. Accompanied by creative, technical, and data-minded specialists, we believe TDG is a unique working experience at the epicenter of digital innovation.

What you will be doing

• Performs security vulnerability assessment and penetration testing of internal, perimeter, external and wireless networks and web and mobile applications.
• Identifies security weaknesses and vulnerabilities, and non-compliance within the MDR Centre constituency
• Characterizes threats and provides recommendations for remediation
• Advises appropriate business units on technical configuration and process changes, remediation, and best practices to adapt to changing threats, vulnerabilities, and new attack methods
• Conducts follow-up assessments to ensure proper action has been taken
• Researches and develops testing tools, techniques, and processes
• Maintains, executes, and refines processes to monitor, collect and update information about threats and vulnerabilities

What we are looking for

• Bachelor’s degree in a related field such as information security, management, or computer engineering
• Experience in security incident management and response, threat modeling, penetration testing, and/or secure application development
• Active OSCP, GPEN, GWAPT, GXPN, CEH, ECSA, LPT certifications are good to have
• Other relevant certifications (such as GCIH, GCIA, GCFA, and others) are desirable
• Experience in architecture design and assessment (manual approach to penetration testing)
• Good working knowledge of security concepts for both Windows and Unix-related operating Systems
• Familiar with application and infrastructure vulnerabilities
• Experience with exploit research and mitigation
• Good working experience using various assessment tools, such as scanners, administrative utilities, local proxies, debuggers, fuzzier, etc.
• Good working knowledge of web technologies, solutions, and attack vectors that apply to application technologies, such as OWASP
• Experience with threat modeling methodologies
• Experience with security source code review or development experience in C/C++, C#, VB.NET, ASP, or Java

Our Commitment To You

We value our people and have the mission to attract and retain exceptional talent. We work in a truly agile environment where opinions are encouraged collaboration…everyone has an opinion…opinions are valued…and have no time for finger-pointing and politics, instead we test & learn and celebrate successes as a team.

We will provide a training and coaching program to all our team members, tailored to your development needs and aspirations. This can cover a wide range of skills, like mastering new technologies, further developing your skills in presenting to a non-technical audience or supporting you to grow in a leadership position.

Our Offer

Employee Provident Fund – Annual Bonus - Annual health check-up - Medical Service @Workplace – Medical Expense Reimbursement - Health & Life Insurance - Fitness, Spa, Day care – Employee Privileges – Employee Loan - Education Loan - Scholarship for Employees' Children - Learning Center - Staff Activities - Smart Casual

------------------------------------------------------------------------------------------------------------------------------------------------------

Privacy Policy

True Digital Group attaches great importance to applicant privacy, hence we provide the privacy notice to inform you of our policy with regard to your personal data. For more information, please visit this website: https://hr.truecorp.co.th/app/pdpa/ApplicantPrivacy