Senior Penetration Tester in Phnom Penh

JobNet Support Services

OK to Continue

Yes No Thanks

JobNet Support Services

OK to Continue

Job Seeker Reactivate Your Account

Thank you, this account has been Deactivated.
Do you want to Reactivate your account?

Yes

Report this Info or Abuse X

Your email address Invalid Email Please Enter

Reason for reporting Ad Please Choose

Describe why Ad looks Wrong Please Enter

Submit Cancel

Senior Penetration Tester

(Software Tester)

WING BANK (CAMBODIA ) PLC

Boeng Keng Kang | Phnom Penh

1 Post

Apply Here

Company Profile Jobs From this Company 136

Sorry, Unable to Apply

55%

Please Upload CV Attachment, or update your JobNet Profile to at least 55% of completion.

Upload CV

Update Profile

Senior Penetration Tester

WING BANK (CAMBODIA ) PLC, Boeng Keng Kang | Phnom Penh

Apply Here

Senior Penetration Tester

WING BANK (CAMBODIA ) PLC

Apply Here

Senior Penetration Tester

(Software Tester)

WING BANK (CAMBODIA ) PLC

Cambodia - Phnom Penh

Boeng Keng Kang | Phnom Penh

1 Post

2 day(s) ago

Apply Here

Experience level

Experienced Non-Manager

Job Function

IT Hardware, Software

Job Industry

Banking/ Insurance/ Microfinance

Min Education Level

Bachelor Degree

Job Type

Full Time

Job Description

A Big Opportunity for ...

Work with relevant stakeholders to plan penetration testing and remediation.
Conduct periodic penetration test on web app, API, mobile apps, network devices and severs.
Maintain deep understanding of company’s security controls and critical assets.
Install, setup and implement hacking tools.
Build and develop hack, attack tools.
Build/Create attack (TTPs), attack flow.
Tunning or customize security testing tools.
Develop, build, and manage C2 servers.
Create malware and generate payload to hack and attack defense systems.
Scanning and exploit systems weakness, flaw, design, and configuration settings.
Test and attack security products or security solutions to ensure the controls effectiveness.
Test, execute and emulate specific threats or threat scenarios.
Crack and reverse engineering.
Find the way to stop/disable and bypass security controls.
Find the way to exfiltrate sensitive data from the networks.
Create hack/attack detail report and maintain documents.
Collaborate with defensive team to security controls.
Provide training to defensive team (blue team, SoC team).
Provide input on security architecture, features, design.
Stay informed on current security/threats trends, advisories, publications, and security research that is relevant to our organization.
Work and verifying the security of third-party vendors and collaborating with them to meet security requirements.
Verifying the security of third-party vendors and collaborating with them to meet security requirements.
Coordinate between internal and external firm Audit, BNC and other
Coordinate between internal and external Penetration Test firm
Coordinate between internal and external PCI-DSS or ISO standard firms to completed project.

Open To

Male/Female

Job Requirements

Bachelor’s degree in information technology, preferably in Computer Science.
Security Certifications: Hold certifications such as PenTest+, CEH, OSCP, or equivalent.
Self-Learning: A strong emphasis on self-driven learning, including pursuing security-related courses or personal lab development, is a plus.
At least 3 years of hands-on experience in penetration testing, demonstrating a proven ability to carry out security assessments.
Familiarity with the MITRE ATT&CK framework for threat intelligence and adversary behavior modeling.
Knowledge of Common Software Weaknesses: Understanding of the Top 25 Most Dangerous Software Weaknesses.
Familiarity with Vulnerability Standards: Understanding of CVE, CWE, CPACE, and CVSS.
Penetration Testing Frameworks: Knowledge or experience with frameworks such as OSSTMM, ISSAF, PTES, and OWASP.
Programming Skills: Proficiency in languages such as PHP, Java, JavaScript, Shell Scripting, PowerShell, and Python.
Secure Development Frameworks: Experience or knowledge of secure software development practices.
Mobile Development: Experience in Android and iOS development and security testing.
Networking Fundamentals: Strong understanding of networking principles, including the OSI/TCP-IP model.
Penetration Testing & Vulnerability Scanning: Experience with penetration testing tools and vulnerability scanning techniques.
DevOps & DevSecOps: Familiarity with DevOps practices and integration of security into the software development lifecycle (DevSecOps).
Operating Systems: Proficient in working with Windows and Linux operating systems.
Virtualization & Cloud Solutions: Experience with virtualization, containers, and cloud-based solutions (e.g., AWS, Azure).