JOB SCOPE

Role : Offensive Infrastructure Security Officer

Reporting to Offensive Infrastructure Security Team Lead. This position job is to simulate cyber-attack to identify and report security flaws on computer system, network and infrastructure including internet site.

Responsibilities

• Perform penetration test of banks infrastructure products, solutions and platforms (ex. authentication systems, operating systems, printers, IoT devices, complex appliances, network devices, voice infrastructure, physical security)
• Perform penetration test to ensure effectiveness of infrastructure security control on place
• Perform internal and external network infrastructure penetration testing included wireless
• Pinpoint methods and entry points that attacker may use to exploit vulnerabilities or weaknesses
• Perform add-on task of penetration testing base on management required
• Create new testing methods to identify vulnerabilities
• Develop comprehensive and accurate report and penetrations for both technical and executive
• Effectively communication between internal team and stakeholders
• Execute verification and validation testing for customer mitigations and fixes
• Stay updated on the latest malware and security threats
• Ability to learn new penetration test techniques, continue development skillset and certification.

JOB REQUIREMENTS

• Bachelors degree in Information Technology or an advanced diploma in network security is recommended.
• At least completed security certification as eJPT, eCPPT, CND, CEH, and other Security related course
• At least 1+ years experience in penetration testing area
• Experience in related of computer security, network security, network device management, IT administration, cloud security, infrastructure pen testing
• Experience in vulnerability assessment and penetration testing across any of the mentioned infrastructure technologies, solutions and/or platforms.
• Working knowledge of common security and penetration testing tools.
• Familiarity with one or more languages (e.g., Java, C#, Ruby, Perl, Python, PowerShell).
• Well versed with TCP/IP stack and network protocols.
• Good Communication skills verbal and written, and time management
• Having high level of confidentiality, integrity and business ethic
• Ability to work under pressure and tight deadlines.
• Be able to carry out multiple assignments.