Security Testing Engineer

Salary : $4,200 - $8,200 / Month

description:

PT. PT. Devantara Media Factory is seeking a skilled and experienced Security Testing Engineer to join our growing team. In this role, you will be responsible for conducting thorough security assessments of applications, networks, and systems by simulating real-world cyber threats.

Your expertise will play a critical role in identifying vulnerabilities, providing actionable remediation strategies, and enhancing the overall security posture of our clients. This position offers the opportunity to work on a wide range of security engagements and contribute directly to protecting critical assets against emerging cyber threats.

Responsibilities :

• Execute security testing activities, including penetration testing and vulnerability assessments, on web applications, infrastructure, and network environments to proactively identify and remediate security weaknesses.
• Design and maintain automated and manual security testing strategies, ensuring robust test coverage across critical systems, applications, and services.
• Configure and manage security testing tools and environments, including vulnerability scanners, SIEMs, firewalls, IDS/IPS, and other relevant security monitoring technologies.
• Develop detailed technical reports and risk assessments, clearly articulating discovered vulnerabilities, their potential impact, and actionable remediation steps aligned with industry best practices.
• Collaborate with DevOps, development, and infrastructure teams to embed secure coding practices throughout the software development lifecycle (SDLC) and support compliance with standards such as OWASP, ISO 27001, and NIST.
• Continuously monitor for security anomalies and conduct post-exploitation analysis to simulate real-world attack scenarios and validate defensive mechanisms.
• Stay current with emerging threat landscapes, tools, and techniques, and apply this knowledge to strengthen internal testing methodologies and security postures.

Requirements :

1. Proven experience in security testing, including penetration testing and vulnerability assessment for web applications, networks, or cloud infrastructure environments.
2. In-depth knowledge of information security standards and frameworks such as OWASP Top 10, NIST, and ISO 27001, with practical application in securing systems and applications.
3. Ability to perform secure code reviews and identify vulnerabilities, particularly in widely used Content Management Systems (CMS) such as WordPress, Joomla, and Drupal.
4. Proficient in operating and analyzing results from industry-standard security testing tools such as Burp Suite, Nmap, Metasploit, Wireshark, and other relevant frameworks.
5. Strong grasp of network protocols, system architecture, and infrastructure security best practices across diverse environments.
6. Hands-on experience with scripting and programming languages (e.g., Python, PHP, Java, or Shell scripting) to automate security tasks and develop custom test scripts.

1. Security certifications such as OSCP, CEH, CISSP, or equivalent are highly desirable and considered a significant advantage.

#CybersecurityJobs#PenetrationTesting#EthicalHacking#InfoSecCareers#RedTeamJobs#BugBounty#CyberSecurityExperts#RemoteCybersecurityJobs#ITSecurityJobs#SecurityAnalyst#OSCP#CEH#CISSP#BurpSuite#Metasploit#Nmap#Wireshark#OWASP#WebSecurity#AppSec#Webapplicationsecurityjobs