Security Vulnerability and Penetration Testing (VAPT) Engineer

B & M Global Services Manila, Inc.

Pazarlıklı
Tesis içi - Taguig1-3 Yıl TecrübeEğitim gerekli değilTam zamanlı
Paylaşmak

İş tanımı

Açıklama

The Security Vulnerability and Penetration Testing (VAPT) Engineer will oversee and serve as a technical resource for all assessment activity related to the security posture of existing and proposed firm systems, platforms, and processes to protect and continually improve the confidentiality, integrity, and availability of information systems per the firm's business objectives, regulatory requirements, and strategic goals.

Responsibilities:
  • Perform security penetration testing of the Firm’s systems, platforms, and applications
  • Serve as a Subject Matter Expert (SME) for the VAPT function
  • Serve as the system owner for common VAPT toolsets, platforms, and processes
  • Provide technical assessment reports that are easily understandable by the target audience and include practical and reasonable recommendations based upon sound risk management principles
Skills and Experience:
  • Possess a Computer Science bachelor’s degree or substantially equivalent experience
  • CISSP required
  • GIAC GPEN or GWAPT preferred
  • Offensive Security OSCP required
  • Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking
  • Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables
  • Extensive experience with common automated VAPT tools such as Nessus, Appscan, Burp Suite, Nipper, and Trustwave 
  • Expertise with common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc.    
  • Expertise with mobile platform security technology, including vulnerability identification and exploitation tools, as well as mobile platform security best practices, frameworks, etc.
  • Understands VAPT in the context of risk management and organizational priorities
  • Passionate in the practice and pursuit of VAPT excellence
  • Able to validate the presence of identified vulnerabilities with accuracy
  • Mastery of common application platforms and technologies to effectively understand and evaluate complex application assessments via the use of manual techniques and simple tools such as proxies and browser plugins
  • Authoritative mastery of OWASP, CVE, general security controls, and other foundational topics, such as the latest application and operating system exploits
  • Expert knowledge of common scripting and programming languages is advantageous.      
  • Ongoing commitment to understanding the threat landscape and common adversary motivations/practices.  Ability to quickly adapt practices to evolving circumstances
  • Able to maintain critical thinking and composure under pressure
  • Strong written and oral communication skills.  Ability to convey complex concepts to non-technical constituents.  Proficiency in oral and written English
  • Capable of assisting with the preparation of internal training materials and documentation
  • Able to be productive and maintain focus without direct supervision

Gereklilik

Please refer to job description.

Ağ GüvenliğiKriptografiAkıllı SözleşmelerSecurity AuditingThreat AnalysisBlockchain SecurityVulnerability AssessmentIncident ResponseRisk yönetimi
Preview

Boss

HR ManagerB & M Global Services Manila, Inc.

Çalışma konumu

8th flr. Bonifacio Global City Corporate Center, 3030 11th Avenue, Taguig, NCR, Philippines

Yayınlandı 03 June 2025

Rapor

Bossjob Güvenlik Hatırlatması

Eğer pozisyon yurt dışında çalışmanızı gerektiriyorsa lütfen dikkatli olun ve dolandırıcılığa karşı dikkatli olun.

İş arayışınız sırasında aşağıdaki davranışlara sahip bir işverenle karşılaşırsanız, lütfen hemen bildirin

  • kimliğinizi saklıyor,
  • bir garanti vermenizi veya mülkünüzü tahsil etmenizi gerektiriyorsa,
  • sizi yatırım yapmaya veya fon toplamaya zorluyorsa,
  • Yasadışı menfaatler topluyor,
  • veya diğer yasa dışı durumlar.