Key Responsibilities
• Conduct red teaming activities, penetration tests, and vulnerability assessments on systems, networks, and applications.
• Conduct internal security risk assessments for the IT systems.
• Collaborate with service providers to perform external security risk assessments and audit exercises.
• Identify and propose security mitigations and enhancements.
• Collaborate with technical vendors and internal stakeholders to take part in security execution, such as architecture design, solution research, technical requirement documentation, and technical implementation.
• Develop, implement, and update security processes. Formulate and maintain relevant documentation, including procedures, standards, and guidelines. Educate and train users on the technical best practices.
Requirements
• A university degree in computer science, engineering or related fields.
• At least 4+ years of experience in cybersecurity consulting, operations, solution implementations, or related technology projects.
• Proficiency in penetration testing tools (e.g., Metasploit, Burp Suite, Nmap).
• Extensive knowledge of computer systems, including operating systems, databases, networks, and cloud computing. Analytical thinker with the ability to understand, visualize, analyse, and resolve difficult issues.
• Capable in effective problem-solving, such as studying a problem, analysing options, and suggesting solutions. Ability to approach a problem from different angles, including as an end-user and a technical person.
• Hands-on experience on system implementations and operations such as system hardening and vulnerability management.
• Strong interpersonal communication, writing, and presentation skills. Experience in client-facing role or management consultancy is highly preferred.
• Security certification such as CISSP / CISP / CISA / OSCP preferred.
Please note that only short-listed candidates will be notified. All information gathered will be treated in strict confidence and solely used for recruitment purposes.
