ITC Software

Tóm tắt công việc

• Perform manual and automated penetration testing using ethical hacking methodologies on infrastructure, web/mobile/API applications, cloud, and internal environments.
• Identify, exploit, and document vulnerabilities in staging and production systems, simulating real-world white-hat attack scenarios.
• Develop threat models and conduct attack simulations aligned with the MITRE ATT&CK framework.
• Configure and monitor SIEM, EDR, IDS/IPS, and other threat detection tools.
• Collaborate with DevSecOps and cloud teams to secure CI/CD pipelines and Infrastructure as Code (IaC).
• Participate in incident response activities: log analysis, forensics, root cause analysis, remediation support.
• Educate developers and engineers on secure design, secure coding practices, and security testing methodologies (e.g., OWASP Top 10, SANS Top 25).
• Maintain clear technical documentation, threat reports, and testing summaries.

• Salary: $4000 - $6000
• Work on real-world security challenges with a high-impact team.
• Competitive salary and benefits in Malaysia’s leading tech hubs.
• Opportunity to shape secure architecture and educate teams on security best practices.
• Collaborate in a culture that values ethical hacking, continuous learning, and knowledge sharing.

Benefits for Developers Onsite in Malaysia

When working onsite in Malaysia, you will receive dedicated support to ensure a smooth and comfortable working and living experience:

• Work hours: 8 hours per day, with standard office hours from 8:00 AM to 5:00 PM (lunch break from 12:00 PM to 1:00 PM).
• Leave entitlements: 5 days of paid leave per month, which can be accumulated for extended vacations, travel, or visiting family. Every 6 months, you’ll enjoy an additional 15 days of paid leave with company-sponsored return flights to Vietnam.
• Flight support: Round-trip flight tickets to Malaysia at the start of your assignment, plus return flights to Vietnam every 6 months to stay connected with your family.
• Accommodation and living costs: Full support for housing and daily living expenses. The company ensures you have everything you need for a comfortable stay, including dedicated assistance with all living arrangements.
• Visa and legal assistance: Full visa sponsorship and help with all necessary legal procedures for a smooth relocation.
• Working equipment: All essential gear provided to ensure your optimal productivity and comfort.
• Modern workspace: Our office is located in the heart of Kuala Lumpur—a vibrant, modern city with excellent metro access, shopping malls, parks, and amenities surpassing what many major cities offer, including Saigon.
• Local team support: Ongoing assistance from our local HR and admin teams to make your time in Malaysia stress-free and enjoyable.
• Continued company perks: You’ll continue to enjoy all company-wide policies and benefits as if you were working from Vietnam.
• If you’re excited about writing clean, scalable code while living and working in one of Southeast Asia’s most dynamic cities, we’d love to hear from you!

• 2+ years of experience in information security or a related field.
• Proven hands-on experience in ethical hacking, vulnerability assessment, penetration testing, and exploit analysis.
• Familiarity with tools such as Burp Suite, Nmap, Metasploit, Wireshark, Nessus, Nikto, etc.
• Solid understanding of:
  • OWASP Top 10, SSRF, XSS, SQLi, RCE, and other common web vulnerabilities.
  • Secure network and OS configurations (Linux, Windows).
  • Basic cloud security concepts (IAM, S3 policies, Security Groups – AWS/GCP/Azure).
• Exposure to SIEM tools (Splunk, ELK), firewalls, endpoint protection, IDS/IPS.
• Scripting ability in Python, Bash, or PowerShell for automation tasks.
• Strong analytical skills, with a curious, attacker-like mindset and desire to learn new vulnerabilities.

Nice to Have

• Security certifications (e.g., CompTIA Security+, CEH, eJPT, or other white-hat credentials).
• Participation in bug bounty programs, CTF competitions, or publishing ethical hacking write-ups.
• English is not required, but proficiency can be a plus — even in salary considerations.