Job Description

Job Requirements


Support the sales by attending security sales meeting (if necessary), effort estimation and provide security testing project timeline. Develop the security acceptance test plan. Provide expert technical support during the security testing activities. Security test preparation, setting-up of testing environment, configuration and installation of the security testing tools. Perform manual or automated security testing using commercial security testing tools. Conduct Greybox Testing (Authenticated) and/or Blackbox Testing (Unauthenticated) Penetration Tests Conduct Whitebox Testing and Secure Code Review Conduct Network and Infrastructure Vulnerability Assessment and Penetration Testing Conduct Web, Mobile and Desktop Application Vulnerability Assessment and Penetration Testing Find and pinpoint the vulnerabilities of the assess target system / application Document and report the vulnerabilities found in the system Provide professional recommendations / advice to mitigate and resolve the vulnerabilities. Present the security testing results to the relevant stakeholders. Provide weekly status reporting on the security testing activity progress




Requirements:


Required Certifications: Any of the followings.
o CREST Registered Penetration Tester (CREST CRT)


o Offensive Security Certified Professional (OSCP)


At least 2 years working experience in Pen-Testing Knowledge in conducting security testing with the following guidelines and standards. Open Web Application Security Project (OWASP Top 10 Frameworks) Common Vulnerability Scoring System (CVSS) Common Vulnerabilities and Exposures (CVE) Common Weakness Enumeration (CWE) / SANS Top 25 Software Errors High proficiency in manual and automated techniques for penetration testing (network equipment, servers, web applications, APIs, wireless, mobile, databases, and other information systems), as well as executing vulnerability assessments (injection, privilege escalation, fuzzing, buffer overflows, etc.) Tools - Proxies, Port Scanners, Vulnerability Scanners, Exploit Frameworks (ex: Burp, Nessus, Nmap, Metasploit) Strong oral and written communication skills, including a demonstrated ability to prepare quality documentation and presentations for technical and non-technical audiences.




Interested applicants may submit your detailed resume to swapna_pamu@evo-sg.com in MS Word format.





By sending us your personal data and curriculum vitae (CV), you are deemed to consent to EVO Outsourcing Solutions Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at evo-sg.com/privacy-policy. You acknowledge that you have read, understood, and agree with the Privacy Policy.