Job Description

Join our team as a Security Analyst specializing in Penetration Testing. Conduct thorough security assessments, penetration tests, and vulnerability assessments while staying informed about the latest IT security trends and tools.

• Test and deploy security systems, including hardware, software, and related integration components.
• Stay informed about developments in the IT security industry, including new security solutions, standards, best practices, offensive techniques, and tools.
• Conduct security assessments, penetration tests, and vulnerability assessments on networks, applications, and information systems to identify vulnerabilities and recommend corrective actions.
• Perform periodic reviews of network, web applications, mobile applications, physical security, and social engineering tests, and other cyber security practices.
• Provide detailed remediation guidance for identified vulnerabilities.
• Assist in coordinating and executing third-party penetration testing projects, regulatory examinations, and other audits of information systems.
• Review and validate findings noted by third-party testers related to network and web application security.
• Create high-quality penetration test reports with professional documentation of identified vulnerabilities and exploits.
• Conduct detailed analysis of systems where breaches of critical IT infrastructure may have occurred, providing root cause analysis, impact assessments, and rapid response to aid in detection and prevention of similar incidents.
• Assist Infrastructure and Application Teams in prioritizing patches and security fixes following vulnerability assessments.
• Organize and maintain supporting documentation to substantiate work performed.

An organization that covers several industries and prioritizes their security|Be a part of a lean team that provides direct guidance from industry leaders

• Bachelor\'s degree in computer science, information systems, or equivalent work experience.
• Three years of direct experience in information security or a similar role.
• Minimum of two years of professional experience in penetration testing.
• Technical proficiency across various computing platforms and network protocols.
• Expertise in operating systems such as Unix/Linux/Mac/Windows.
• Hands-on experience with manual penetration testing techniques across network equipment, servers, web applications, APIs, wireless networks, mobile devices, databases, and other information systems.
• Experience in testing web applications for common vulnerabilities defined by OWASP, including input validation, broken access controls, session management, cross-site scripting (XSS), SQL injection, and web server configuration issues.
• Proficiency with security tools such as proxies, port scanners, vulnerability scanners, and exploit frameworks (e.g., Burp, Nessus, Nmap, Kali Linux).
• Strong oral and written communication skills, with the ability to prepare high-quality documentation and presentations for technical and non-technical audiences.
• Candidates with professional certifications covering Vulnerability Assessment & Penetration Testing are preferred.
• Familiarity with standards and requirements such as ISO27001, NIST, PCIDSS, and financial authorities\' guidelines (e.g., GPIS/RMiT) is advantageous.

This client is a diversified conglomerate based in Malaysia with a strong presence in various industries including real estate, construction, hospitality, education, health care, retail, and leisure. They are known for their innovative and sustainable developments, commitment to community development, and contributions to Malaysia\'s economic growth. The group has a reputation for excellence in delivering integrated solutions and enhancing quality of life through its diverse portfolio of businesses and initiatives.

• An organization that covers several industries and prioritizes their security
• Be a part of a lean team that provides direct guidance from industry leaders

Michael Page