Job Description

• Provide oversights and reporting for issues relating to security risk and status of new and  emerging vulnerabilities affecting IT environment
• Assist on the end-to-end integrated vulnerability management processes including cyber threat analysis, risk analysis and identify nature of the vulnerability and affected systems.
• Assist on mitigation, remediation and tracking, collate and report vulnerability management with progress status. And assist on appropriate escalation process
• Collects and disseminates security vulnerability information both from internal and external source to understand infrastructure/ application / Technology vulnerability management methodologies, risk rating, remediation recommendation according to changing circumstances
• Performs vulnerability assessments
• Perform penetration testing for application.

 Qualification

• Bachelor’s degree or Master’s degree in Computer Science, Computer Engineering or related field with 3+ years relevant experience
• Hands-on experience in scanning tool
  • Source code scan (e.g. HP Fortify)
  • Web application scan (HP Web Inspect, Burp Suit Pro, OWASP WebScarab, Paros, etc.)
  • System scan (Nexpose, Nessus, etc.)
  • Network scan (Nexpose, Nessus, Nmap, etc.)
  • Wireless can (Wifi inspector, etc.)
• Experience with application penetration testing (e.g. OWASP ZAP, Burp Suite, etc.)
• Subject matter expert on software vulnerability types and exploitation
• Knowledge of how to test applications across various platforms (Linux, Windows, etc.) for security issues
• Knowledge of at least one programming or scripting language such as .Net, Java, Python, C, etc.
• Strong understanding of the network security
• Good presentation & documentation skills

Location: Glass House Building, Ratchada, Bangkok