about the company
This organization has climbed through the ranks of an already saturated market and is now one of the market leaders, with a household name that is hard to miss.
about the job
...
The candidate will champion a newly established pillar and lead a team that is looking to expand further in the coming years. This role will be highly focused on the penetration testing (pentesting) aspect of cybersecurity. Hence, candidates are required to have 2+ years of experience in this space, with mentorship being the minimum people management experience.
about the team | manager
You’ll be reporting to the group CISO, who has displayed significant mastery in both technical knowledge and people management skills.
skills and experience required
- Test and implement security system hardware, software, and integration-related components.
- Keep up-to-date knowledge of the IT security industry, including awareness of new or changed security solutions, security standards, trends / best practices, offensive strategies, and tools.
- To detect vulnerabilities and suggest remedial action, conduct security assessments, including penetration tests and vulnerability assessments, on networks, applications, and information systems.
- Review physical security, social engineering testing, network, online, mobile, and other associated cyber security measures on a regular basis.
- Provide specific advice on how to address findings
- Assist in the planning, execution, and coordination of all information system audits, regulatory inspections, and third-party penetration testing programmes.
- Carry out review and validation procedures for all network and web application security-related findings made by outside testers.
- Write effective penetration test reports that provide expert documentation of found and exploited vulnerabilities and weak points.
- Perform thorough analyses of systems where major IT infrastructure breaches may have happened, and provide root cause analysis, impact assessments, and quick response to help catch the culprits, along with suggestions to help prevent such events.
- After the vulnerability assessment, help the Infrastructure and Application Teams prioritize security updates.
- Accountable for planning and methodically completing any supporting paperwork needed to back up the work done.
- Bachelor's degree, ideally in information systems or computer science, or comparable work experience
- 4+ years of direct experience in information security or a comparable position
- 2 years minimum of professional penetration testing experience
- Expertise in a variety of computing platforms and network protocols
- High expertise with a range of operating systems, including Unix, Linux, Mac, and Windows
- Knowledge of manual penetration testing techniques (network equipment, servers, web applications, APIs, wireless, mobile, databases, and other information systems)
- Professional testing experience for OWASP-defined common web application security flaws, such as input validation flaws, broken access restrictions, session management flaws, cross-site scripting problems, SQL injection, and web server configuration problems
- Tools such as proxies, port scanners, vulnerability scanners, and exploit frameworks (e.g. Burp, Nessus, Nmap, Kali Linux)
- Strong written and verbal communication abilities, including the ability to create presentations and documentation of a high standard for both technical and non-technical audiences.
- Applicants will have an advantage if they hold any professional certifications that address vulnerability assessment and penetration testing.
- It will be advantageous to be familiar with standards and specifications like ISO 27001, NIST, PCI DSS, and those of financial authorities (such as GPIS/RMiT).
how to apply
If you are ready to take the next leap in your career, use the 'apply' function. You may reach out to our Cybersecurity Recruitment Consultant, Prassath Jay (prassath.jay@randstad.com.my | LinkedIn), for a confidential chat.
For more Cybersecurity jobs, visit the Randstad Website and drop your profile.