Salary : $4,200 -
$8,200 / Month
description:
PT. PT. Devantara Media Factory is seeking a skilled and
experienced Security Testing Engineer to join
our growing team. In this role, you will be responsible for conducting thorough
security assessments of applications, networks, and systems by simulating
real-world cyber threats.
Your expertise will play a critical
role in identifying vulnerabilities, providing actionable remediation
strategies, and enhancing the overall security posture of our clients. This
position offers the opportunity to work on a wide range of security engagements
and contribute directly to protecting critical assets against emerging cyber
threats.
Responsibilities :
- Execute security testing activities, including penetration
testing and vulnerability assessments, on web applications,
infrastructure, and network environments to proactively identify and
remediate security weaknesses.
- Design and maintain automated and manual security testing
strategies, ensuring robust test coverage across critical systems,
applications, and services.
- Configure and manage security testing tools and environments,
including vulnerability scanners, SIEMs, firewalls, IDS/IPS, and other
relevant security monitoring technologies.
- Develop detailed technical reports and risk assessments, clearly
articulating discovered vulnerabilities, their potential impact, and
actionable remediation steps aligned with industry best practices.
- Collaborate with DevOps, development, and infrastructure teams to embed
secure coding practices throughout the software development lifecycle
(SDLC) and support compliance with standards such as OWASP, ISO 27001, and
NIST.
- Continuously monitor for security anomalies and conduct
post-exploitation analysis to simulate real-world attack
scenarios and validate defensive mechanisms.
- Stay current with emerging threat landscapes, tools,
and techniques, and apply this knowledge to strengthen internal testing
methodologies and security postures.
Requirements :
- Proven experience in security
testing, including penetration
testing and vulnerability
assessment for web applications, networks, or cloud infrastructure
environments.
- In-depth
knowledge of information security standards and
frameworks such as OWASP Top 10, NIST, and ISO 27001, with
practical application in securing systems and applications.
- Ability to
perform secure code reviews and
identify vulnerabilities, particularly in widely used Content Management Systems (CMS) such as WordPress, Joomla, and Drupal.
- Proficient
in operating and analyzing results from industry-standard security testing tools such as Burp Suite, Nmap, Metasploit, Wireshark, and other relevant frameworks.
- Strong
grasp of network protocols, system architecture, and infrastructure
security best practices across diverse environments.
- Hands-on
experience with scripting and programming languages (e.g., Python, PHP, Java, or Shell scripting) to
automate security tasks and develop custom test scripts.
- Security
certifications such as OSCP, CEH, CISSP, or equivalent are highly desirable and considered a
significant advantage.
#CybersecurityJobs#PenetrationTesting#EthicalHacking#InfoSecCareers#RedTeamJobs#BugBounty#CyberSecurityExperts#RemoteCybersecurityJobs#ITSecurityJobs#SecurityAnalyst#OSCP#CEH#CISSP#BurpSuite#Metasploit#Nmap#Wireshark#OWASP#WebSecurity#AppSec#Webapplicationsecurityjobs