Our client, a leading enterprise with one of the largest technology platforms in HK, is looking for a Vulnerability Testing Manager to join their cybersecurity team.  The selected candidate will be putting on the red hat in leading penetration tests and finding weak points. Great exposure, perm position, and growth opportunity.

Responsibilities:
– Lead the Cyber Security Team on vulnerability testing for web applications, APIs, Infrastructure, mobile apps, and networks.
– Lead the web scanning and automated code testing of in-house applications to ensure that systems are resistant to known attacks, e.g. OWASP Top 10, when deployed.
– Perform application security planning and secure application code review.
– Review Security Events, and provide investigation and remedial action.
– Develop the application coding guideline and application security scanning process.
– Develop a penetration test policy and source code review guidelines.
– Review the configuration of Firewalls, IDS / IPS, and other security devices.
– Perform Information Risk Assessment and due diligence on the vendor selection process.
– Provide technical support and configuration on security infrastructure and systems.

Qualifications:
– At least 10 years of experience in Information Risk and Security management.
– Recent team leading and management experience.
– Extensive experience in performing application security assessments.
– Passion for putting the red hats to perform offensive security and assurance.
– Strong understanding of performing penetration tests, vulnerability assessments, and application/infrastructure security reviews for web and mobile applications. Experience in supporting network infrastructure and performing secure coding reviews.
– Hands-on experience working with Burp Suite, OWASP Zap, Nmap, Metasploit, Wireshark, and SIEM
– Experience with digital security and the recent adoption of mobile and web security measures.
– Experienced in secure application coding and application security scanning.
– Excellent communication skills in English.
– Security Certificates in GIAC, CISSP, CEH, and OSCP. CISA, CISM, OSCE, OSWE Web Expert, or OSEE Exploitation Experts or equivalent are a great plus.

______________________________________________

Headquartered in Hong Kong, Pinpoint Asia is the go-to Specialist Firm for Technology Recruitment

We are a team of specialist tech recruiters (many of our recruiters come from an IT background) and we serve a wide range of clients, all the way from tech startups (especially FinTech) to some of the top Financial Institutions on Wall Street and several other large-scale enterprises in other industries.

Our significant market reputation and status as the leading search firm for many of our clients is a direct result of our strong industry relationships, intimate understanding of the marketplace and proven ability to deliver results. 

Our vision is to help companies hire smarter and help job seekers get closer to their career aspirations.

To see all our open jobs please reach out to us at https://pinpointasia.com/job-search/ (EA License # 68987)