LG CNS Vietnam

Tóm tắt công việc

• Perform Web Application and API penetration testing based on OWASP Top 10 and industry best practices. 
• Analyze and validate True/False Positive results from SAST, DAST, and SCA security tools. 
• Develop Proof‑of‑Concept (PoC) exploits for identified vulnerabilities, including CVE-level issues. 
• Conduct Mobile Application Security Testing for Android and iOS platforms. 
• Perform manual penetration testing on web-based enterprise systems and prepare detailed security reports. 
• Provide guidance on Secure Coding Practices to development teams. 
• Research new vulnerabilities (including potential 0‑days) and support CVE registration when applicable. 
• Collaborate closely with Backend, DevOps, Cloud, and QA teams to ensure remediation and secure system architectures. 
• Utilize scripting skills (Python, Go, Bash, etc.) to automate testing tasks and improve security workflows. 
• Participate in security architecture reviews and risk assessments. 
• Perform penetration testing and security assessments on Cloud Services (AWS, GCP).

- Best remuneration: Periodically review and adjust salary once a year, PI bonus twice a. Allowances for lunch, transportation, and phone charges. Party with the team once a. Workshop travel for the whole company once a year. Bonuses/Gifts for holidays, International Labor Day, International Women's Day, etc.
- High-class, modern office: 5-star standard office with modern equipment, large rest and entertainment areas (game area, karaoke room, reading room, cafe counter, snack bar, etc.) Meet all members' needs, especially the office has an airy and beautiful view that is among the most beautiful in Hanoi.
- Top equipment: Each employee is equipped with the latest generation LG Gram laptop and modern large LG screen.
- Best working time: Work 8 hours/day (8:00 ~ 17:00), from Monday to Friday. No pressure to work overtime/weekends!
- Flexible, youthful working style: LG CNS Vietnam members are mostly from the 9-10x generation, with a youthful, modern, and fair working style!
- Creative environment, valuing individual opinions: With a young and talented team, we always appreciate the creativity and suggestions that members make.
- Opportunities to work/study in Korea and abroad: With customers and projects mostly from abroad, your opportunities for training and onsite abroad will always be open!
- Other: Happy hours every Friday, Team outing monthly, join clubs like football, badminton, etc...

[Required] 

• Bachelor’s degree in Computer Science, Information Security, Software Engineering, or related field. 
• Hands-on experience in Application Security or Penetration Testing. 
• Strong understanding of OWASP Top 10 and secure application development principles. 
• Experience working with SAST, DAST, and SCA tools and validating their findings. 
• Ability to develop PoCs and exploit known vulnerabilities (CVE-level experience preferred). 
• Basic knowledge of security technologies such as Firewall, VPN, IPS/IDS, EDR. 
• Understanding of IT infrastructure fundamentals (Network, WAS, DB, OS, etc.). 
• Proficiency in scripting languages such as Python, Go, or Bash. 
• Experience with Mobile Application penetration testing (Android/iOS). 
• Certifications such as OSCP, CEH (strongly preferred). 
• Solid analytical, documentation, and communication skills. 
• English communication skills sufficient for team collaboration.                                                                              [Preferred] 
• Award history or strong performance in major CTF competitions. 
• Experience discovering and registering 0‑day vulnerabilities (CVE assignment). 
• Hands-on experience with Cloud environments such as AWS or GCP. 
• Familiarity with DevSecOps, CI/CD security, or security automation. 
• Experience with threat modeling or security design review.