- Identify and exploit vulnerabilities in commercial, open source, custom software applications and infrastructure across global stores and corporate environments.
- Align test reports and evidence according to Strategy, Governance, Risk, and Compliance (SGRC) processes. Past experience with PCI a plus.
- Perform application, web, mobile and network penetration tests using both automated and manual techniques
- Perform ad-hoc security consulting for IT and business partners
- Develop scripts, tools, methodologies and best practices to improve offensive capabilities
- Demonstrate advanced knowledge of operating systems internals and cloud environments. Past experience with Azure and Oracle preferred.
- Participation in Research and Development, and Product Management thought leadership to emphasis Information Security considerations early in the conceptual decision-making processes.
- Participate in the development and execution of the security awareness strategy
- Participate in the development and maintenance of security reference architectures
- Maintain the incident response process and perform incident response as necessary
- BA in Computer Science or comparable practice / experience
- Security certification such as CISSP, OSCP, OSCE, GPEN, or equivalent.
- Minimum 2 years of relevant experience in IT Security function / IT risk management and / or relevant positions with consulting / audit companies operating in the local market.
- Ability to script and build automation to eliminate reoccurringepetitious work with experience in Python or Java
- Experience with penetration testing tools like Burp Suite, Metasploit, Nmap
- Attractive package and compensation,
- Young and active environment in one of the top Fintech Company in Vietnam,
- All Ideas are appreciated – No barriers- No limitation,
- Performance-based bonus,
- Private Healthcare Insurance package
- Chance to work with strong people with oversea experienced.
- Career path development