Job Summary
Job description
Overview of job
The position is based in Ho Chi Minh City. The role will report to the IT Governance & Security Manager, and handle the following responsibilities:
1.Own and conduct end-to-end penetration testing for the Company's systems:
- Perform security testing of web/mobile applications, networks, and operating systems.
- Conduct attack exploitation using manual penetration testing (MPT) and automatic tools according to the security test plan and checklist.
- Create a security report and provide applicable recommendations based on the test performed.
- Provide summary reports that will help the board of management team understand the company's security posture.
2.Join the Incident Response Team:
- Collaborate with other IT teams and user departments to handle information security incidents, analyze application logs, security logs, trace root causes, detect actors, propose solutions to prevent attacks, and develop best practices to enhance security systems.
3.Participate in the projects:
- External partners for independent security assessment: propose the scope of services; understand and verify the findings in penetration testing projects; etc.
- Security solutions implementation or enhancement projects: analyze and develop security protection requirements; evaluate the proposal; validate the deliveries; etc.
4.Self-development:
- Research and self-improve on new attack exploitation methods and appropriate security standards.
- Perform other tasks as required by the manager.
5.Other tasks assigned by superiors
Job Requirement
- Graduated from a university or higher education, major in computer science.
- Have 3 years of experience in testing OWASPTop 10, web applications, mobile applications, APIs, network penetration testing, and performing as a red team member.
- In-depth knowledge of penetration testing tools and common vulnerabilities.
- Ability to read and analyze system, database, and application logs.
- Ability to present the security penetration testing report (in English and Vietnamese) and explain it to the technical team, while ensuring that the summary section is understandable by the business management team.
- Honesty, meticulous, careful, enthusiastic and high sense of responsibility at work.
- While Vietnamese communication skills are essential, this position also requires good English communication skills (both written and spoken) in the workplace.
- The candidate possessing any or some of the following expertise is a plus:
- Experience in a cyber incident response team.
- Proficiency in web application programming languages (C#, PHP, Python).
- Experience in source code review. d) Proficiency in programming scripts to perform security testing.
- International security certificates such as CEH, OSCP, etc.
Practice in HackTheBox lab environment, Portswigger, or participation in CTF programs, bug bounty, etc
Languages
-
English
Speaking: Intermediate - Reading: Intermediate - Writing: Intermediate
Technical Skill
- OWASP
- Web App
- Mobile App
- PHP
- C#
- Python
- Penetration testing
- CEH
- OSCP
COMPETENCES
- Honest
- Careful
- Enthusiastic
- Responsible
BUSINESS PROFILE
Gene Solutions aims to become the nation’s leading genetics research & development brand.
Over the years, Gene Solutions has taken steps to develop and constantly invest in building a strong and excellent R&D team, focusing on researching and applying useful technologies that have been certified in the world in order to bring new products and services to customers. The latest genetic testing with the best quality and the most reasonable cost, increasing Vietnamese people's access to essential genetic tests for prevention, examination and treatment, improving the quality of medical examination and treatment. treatment, contributing to improving the quality of medical services and health for the community.