ACG_2888_JOBOur client is a company specialized in technology who is looking for a qualified candidate to join their firm.Design and implement structured training and standardized investigation procedures for effective incident handling.Perform deep-level server analysis to identify intrusion sources and vulnerabilities.Implement enterprise-wide vulnerability scanning tools to monitor network security and ensure regulatory compliance.Evaluate the security posture of internal databases, endpoints, servers, and other infrastructure assets.Support translating functional requirements into technical security requirements in line with customer agreements.Provide expert guidance on risk mitigation strategies and recommend appropriate corrective actions for identified threats.Plan and execute vulnerability assessments and penetration tests across various environments including web applications, APIs, mobile apps, network hardware, and connected devices.Perform multi-level testing approaches—black-box, grey-box, and white-box—on both applications and infrastructure components.Conduct static and dynamic code reviews to identify security flaws in software.Validate exploitable vulnerabilities with clear documentation and reproducible proof-of-concept exploits.Participate in open-source framework research and develop exploits based on published CVEs.Stay updated with the latest techniques in vulnerability exploitation and discover zero-day vulnerabilities in open frameworks.Deliver knowledge-sharing sessions and hands-on training for junior or fresher-level security professionals.RequirementsAt least 3 years of relevant hands-on experience in security assessment or penetration testing roles.Strong foundational knowledge of operating systems and network architectures.Familiar with network protocols and concepts: OSI layers, TCP/IP, IP-based communications.Proficient in at least one programming language such as C, C#, Python, PHP, or Java.Solid understanding of common security threats outlined in OWASP Top 10 (both web and mobile contexts).Strong skills in identifying, analyzing, exploiting vulnerabilities, and implementing remediation measures.Hands-on experience with penetration testing tools like Burp Suite, Acunetix, OWASP ZAP, Kali Linux, Metasploit.Preferred certifications: OSCP, OSWE, OSEP, or similar (a strong advantage but not mandatory).Contact: Nhat Anh NguyenDue to the immense number of applications, only shortlisted candidates will be contacted.
