Senior Security Analyst & Penetration Tester – Kuala Lumpur, Malaysia

10 Oktober 2018 A-6-5, Northpoint Offices, No. 1, Medan Syed Putra Utara, Mid Valley City 59200 Kuala Lumpur Federal Territory of Kuala Lumpur, Malaysia
Job Details
Job Summary and Mission
The Senior Security Analyst will participate in a variety of engagements, focusing on targets that may include network equipment, servers, applications, APIs, wireless infrastructures, mobile devices, and other information systems. Using a variety of tools and techniques that may include red teaming and social engineering, you will have the opportunity to combine technical expertise with your imagination to discover innovative methods with the goal of ensuring wizlynx’s customers remain one step ahead of its adversaries. This role will be part of a team of IT security and information security experts, providing excellent services to customers and internal teams.
 
Summary of Key Responsibilities
  • Responsibilities and essential job functions include but are not limited to the following:
  • Collaborate as a participating member of the IT-Security and Information Security team
  • Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, security standards, trends / best practices, offensive techniques, and tools
  • Execute network, web application, wireless, and social engineering penetration tests that will vary in level of complexity from simple to potentially complex
  • Author quality penetration test reports with professional documentation of identified and exploited vulnerabilities/weaknesses
  • Provide remediation guidance for findings
  • Serve as a consultant in pre-sales, including assessment of client needs, project scopes and proposal preparation
  • Share all knowledge and training with internal colleagues and teams
 
Summary of Ideal Experience, Skills, Knowledge, and Abilities
 
Minimum Experience
  • Bachelor’s degree, preferably in computer science or information systems, or equivalent work experience
  • Minimum of five years direct Information security experience in a security analyst, engineer, architect, consultant or a similar role
  • Minimum of three years professional experience in penetration testing
  • Technical knowledge across a broad range of computing platforms and network protocols
  • High proficiency in a variety of operating systems such as Unix/Linux/Mac/Windows operating systems, including bash and PowerShell
  • High proficiency in manual and automated techniques for penetration testing (network equipment, servers, web applications, APIs, wireless, mobile, databases, and other information systems), as well as executing vulnerability assessments (injection, privilege escalation, fuzzing, buffer overflows, etc.)
  • Proven professional experience testing web applications for common web application security vulnerabilities as defined by OWASP, including input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting issues, SQL injection and web server configuration issues
  • Programming – Python, Perl, Java, Shell Scripting
  • Tools – Proxies, Port Scanners, Vulnerability Scanners, Exploit Frameworks (ex: Burp, Nessus, Nmap, Metasploit)
  • Strong oral and written communication skills, including a demonstrated ability to prepare quality documentation and presentations for technical and non-technical audiences
  • Certifications such as CREST, OSCP, OSCE, GIAC (GXPN, GWAPT, GPEN, GMOB, GCIH) and others are highly desired
 
Language Skills
 
  • Excellent communication skills in English (written and spoken)
  • Additional languages (German, Spanish, French, Portuguese, Mandarin) is a plus
 
Soft Skills
  • Excellent interpersonal skills, capable to interact with people at all levels; team player
  • Action-oriented and results driven
  • Organized with strong time-management skills
  • Flexible attitude, reliable
  • Customer friendly approach and appearance
  • Willingness to travel
  • Strong problem-solving and analytical skills
 
Key performance indicators / measures of success
  • Achieve agreed project targets in terms of quality, time and cost
  • Positive feedback from client
  • Client interest in maintaining wizlynx services for additional project work
 
Potential Career Development
  • Comprehensive training/certification offered by wizlynx
  • Advancement to higher operational tiers
 
 
Company Description

Headquartered in Switzerland, wizlynx group is a global IT company, employing more than 140 highly skilled IT associates and serving more than 100 clients. Our vision is to be a best-in-class global IT company, enabling customers to focus on their core business by providing them high- quality, value added, innovative and secure managed services.
 
Wizlynx is an IT service provider with extensive experience in infrastructure and network security solutions, which complement our high level of competency in Information Security, Quality & Project Management for enterprise IT organizations. With numerous credentials and extensive experience in the pharmaceutical, banking, insurance, telecom, nutrition, and IT industries, wizlynx can readily provide regulated industry sectors with the following portfolio of services:
 
Project, Quality, Engineering and IT Security Competence Centers Innovation, implementation, and instantiation of solutions 24/7 Operational Competence Centers for Access & Authentication, Extranet & Firewall And, with a standardized set of core processes, our functional areas are able to share technology, services and administrative functions, enabling a more efficient and effective workforce.