be Group

Tóm tắt công việc

1. Penetration Testing and Vulnerability Assessment:

• Perform advanced penetration testing on web applications, mobile applications, networks, and IT infrastructure.
• Identify security vulnerabilities and assess their potential impact.
• Conduct manual and automated security testing.
• Simulate real-world attack scenarios to evaluate the effectiveness of existing security controls.

 2. Security Assessment and Reporting:

• Document and report vulnerabilities along with comprehensive risk assessments and remediation recommendations.
• Develop detailed and structured penetration testing reports for stakeholders.
• Provide post-assessment debriefings to management and technical teams.

 3. Security Tooling and Automation:

• Develop, maintain, and enhance automated security testing frameworks.
• Evaluate and implement new tools and technologies to improve penetration testing capabilities.

4. Research and Innovation:

• Keep abreast of emerging threats, vulnerabilities, and industry best practices.
• Develop and share knowledge on new attack vectors, techniques, and mitigation strategies.

5. Collaboration and Support:

• Work closely with PO, SRE, developers, and security teams to resolve identified vulnerabilities.
• Participate in incident response and forensic analysis when required.
• Assist in the development of security policies and procedures.

Benefits

• 13th salary
• Social Insurance
• Medical healthcare
• Annual health check
• 15 days annual leave
• Transportation fee (BE's services)
• Performance bonus
• Holiday bonus
• Team Building and many engagement activities

Education & Experience

• Bachelor’s degree in computer science, Cybersecurity, Information Technology, or a related field.
• Relevant certifications are highly preferred (e.g., OSCP, OSWE, CEH).
• Minimum of 3-5 years of experience in penetration testing and vulnerability assessment.
• Proven track record of conducting successful penetration tests and identifying critical vulnerabilities.
• Strong experience with penetration testing tools (e.g., Burp Suite, Metasploit, Nessus, Nmap, Kali Linux).
• Hands-on experience with scripting languages (e.g., Python, Bash, PowerShell) to develop testing scripts.

Technical & Soft Skills

• In-depth understanding of web, mobile, and network security principles.
• Familiarity with secure coding practices and security testing methodologies (e.g., OWASP, NIST).
• Proficient in analyzing and exploiting common vulnerabilities (e.g., SQL Injection, XSS, CSRF).
• Strong analytical and problem-solving skills.
• Excellent verbal and written communication skills.