Application Security Engineer (Pentester)1 week ago Be among the first 25 applicants Discover security vulnerabilities through design review, source code review and penetration testing, either manually or by using automated tools, and follow up on the remediation process Participate in relevant agile scrum meetings and provide professional recommendations on the design of security controls, libraries, and/or protocols Conduct security-related training sessions Implement various security control verification and risk detection through automated scripts Provide support on application-level security monitoring, intrusion detection, and incident response Responsibilities Discover security vulnerabilities through design review, source code review and penetration testing, either manually or by using automated tools, and follow up on the remediation process Participate in relevant agile scrum meetings and provide professional recommendations on the design of security controls, libraries, and/or protocols Conduct security-related training sessions Implement various security control verification and risk detection through automated scripts Provide support on application-level security monitoring, intrusion detection, and incident response Requirements OSCP (or equivalent, such as CREST) is a MUST. A deep understanding of OWASP Top 10 and the ability to detect and address logic flaws are highly desirable. Minimum four years of experience in Web API testing and proficiency in using Burp Suite is preferred. Experience with Mobile App testing, comprehension of jailbreaking/rooting a device, API hooking, reverse engineering, and de-obfuscation is highly beneficial. Fluency in spoken and written English is essential, and proficiency in Mandarin would be advantageous. Seniority level Not Applicable Employment type Full-time Job function Engineering and Information Technology
#J-18808-Ljbffr