Responsibilities
- Conduct penetration testing and/or application security assessments independently or within a team
- Address client business issues and objectives, and propose threat and vulnerability management solutions accordingly adhering to company standards
- Produce and assure quality of security test reports
- Perform red teaming, infrastructure and application related security testing
Requirements:
- "Hands on" pentesting experience with web, mobile applications and network infrastructure. And ability to perform source code review
- Required certification is OSCP or SANS GWAPT/ GPEN or equivalent
- Understanding of any one standard such as OSSTMM or OWASP
- Strong expertise with common penetration testing tools like NMap, Nessus, Metasploit, WireShark, Burp Suite, and TCP Dump
- Understanding of TCP/IP networking concepts, reverse engineering and secure coding principles is preferred
- Ability to produce and present the penetration testing reports including solutions
- Business level written and verbal communication in English and Chinese
- Open to travel