Cyber Security Consultant & Penetration Tester
Wizlynx Group
Hong Kong

Key Key Role

As Cyber Security Consultant & Penetration Tester, you will execute a variety of engagements, conducting advanced hands-on penetration testing beyond automated tool validation, which will focus on targets that may include network devices, servers, web and mobile apps, web APIs, wireless infrastructures, IoT devices, and other information systems.

You will have the opportunity to combine technical expertise with your imagination to conduct targeted attacks and discover vulnerabilities, with the goal of ensuring wizlynx group’s customers remain one step ahead of its adversaries.

What your keys responsibilities will be

Responsibilities may include the following, but are not limited to :

  • Collaborate as a participating member of the Cyber Security team
  • Lead and execute penetration tests for network, web and mobile apps, wireless networks as well as social engineering assessments that will vary in level of complexity from simple to potentially
  • Involved in the execution of Red Teaming engagements / Intelligence-led Cyber Attack Simulation Testing (iCAST) exercises
  • Author quality penetration test reports with professional documentation of identified and exploited vulnerabilities / weaknesses
  • Provide detailed remediation guidance for findings
  • Serve as a consultant in pre-sales, including assessment of client needs, project scopes and proposal preparation
  • Proactively mentor and share knowledge with Security Testing team members.
  • Contribute to the continuous improvement of our services
  • What we are looking for

    Minimum Experience :

  • Bachelor's degree, preferably in computer science or information systems, or equivalent work experience
  • Two years direct Information Security experience in a security analyst, engineer, architect, consultant or a similar role
  • Minimum of one-year professional experience in penetration testing
  • Experience in performing Threat Intelligence led Red Teaming & HKMA iCAST is an advantage
  • Technical knowledge across a broad range of computing platforms and network protocols
  • High proficiency in a variety of operating systems such as Unix / Linux / Mac / Windows operating systems, including bash and PowerShell
  • Know-how in manual techniques for penetration testing (network equipment, servers, web applications, APIs, wireless, mobile, databases, and other information systems)
  • Professional experience testing web applications for common web application security vulnerabilities as defined by OWASP, including input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting issues, SQL injection and web server configuration issues
  • Skilled in using and interpreting results from common security tools including but not limited to BurpSuite, Nessus, Nmap, Metasploit, SQLmap, Netcat, ReconNG, etc.
  • Programming Python, Perl, Java, Shell Scripting
  • Strong oral and written communication skills, including a demonstrated ability to prepare quality documentation and presentations for technical and non-technical audiences
  • One or more Certifications such as OSCP, OSCE, OSWE, eCPPT, eWPT, Pentester Academy's Certified Red Teaming Professional, ISACA's CPTO, CREST CRT, GIAC (GXPN, GWAPT, GPEN, GMOB) , HKIB's CCASP , CISSP others are highly desired
  • Language Skills :

  • Excellent communication skills in English and Cantonese (written and spoken)
  • Ability to communicate clearly and concisely, both orally and in writing
  • Soft Skills :

  • Excellent interpersonal skills, capable to interact with people at all levels; team player
  • Action-oriented and results driven
  • Organized, independent with strong time-management skills
  • Flexible attitude, reliable
  • Customer friendly approach and appearance
  • Willingness to travel
  • Strong problem-solving and analytical skills
  • 报告这项工作

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    通過點擊“繼續”,我允許neuvoo同意處理我的數據並向我發送電子郵件提醒,詳見neuvoo的 隱私政策 。我可以隨時撤回我的同意或退訂。