Cyber Security Penetration Tester Expert

Celcom Axiata
ashley-avatar-image

AI-generated summary

beta
speech-bubble-tail-image

Oops, looks like Ashley forgot to summarize this job! We apologize for the inconvenience. Please read the complete Job Description for full details and additional information.

Undisclosed

Kuala Lumpur

Full-Time

Job Description

  1. Perform hands-on red teaming simulation, application security penetration testing and help design and improve the security testing artifacts and process for all aspect of development (agile, normal, emergency, etc.) Review the work of junior penetration testers and PMO teams and lead the conflict resolution with various technical teams (e.g. disputes on false positives, alternative security methods, etc.)
  2. Create security test plans and test cases; present test findings and interface with stakeholders across various parts of business (e.g. Customer services, Data Analytics, IT, Group Networks, Digital teams, Fraud and Revenue assurance, etc.) Validates security test scenarios across various SDLC phases (e.g., development, reproduction, production) for low- to moderately-complex projects.
  3. Assess, identify, select alternatives to guide the developers on recommended controls and countermeasures in implementing the required security measures (act as an SME). Provides insight and consultation on the development of testing scope and approach, and collaborates with cross-functional IT and business stakeholders to review the overall testing approach.
  4. Develop detailed work plans, schedules, resource plans for recurring penetration tests and act as liaison with external third party penetration testers (both from Group and when required from other parts of the business or partners (e.g. cloud providers, partners, etc.)
  5. Provide an advice in relation to the convergence of networks and systems from a technical, product and process perspective.
  6. Establish and report on metrics to gauge pen testing effectiveness, progress and key risk areas identified through audits, as well as monitor remediation activities. Propose automation to improve efficiency and effectiveness.
  7. Lead the research of new technology exposure with change to current security threat landscape. Researches and stays abreast of industry trends, emerging threats, best practices, and emerging techniques to creatively discover and exploit vulnerabilities, and recommend security solutions for technology systems.
  8. Act as an SME to Fraud and revenue assurance team in identifying and simulating cases of digital fraud and potential revenue losses caused via digital channels.
  9. Ability to provide complete and accurate Celcom Information Infrastructure security knowledge with emphasis on the data / information flows and data handling.
  10. Contributes in preparing budgets for the solutions and provide inputs for the yearly organization budgets business plan
  11. Protect company assets by helping to develop security strategies; directing system control development and access management, monitoring, control, and evaluation. Perform other duties as assigned.

Job Requirements

Education Qualification:
Bachelor degree holder (IT or related technical preferred) with Information Security knowledge 
  • Certified as GIAC Web Application Penetration Tester (GWAPT), GIAC Penetration Tester (GPEN), or Certified Ethical Hacker (CEH) 
  • CISA / CISM/ CISSP (would be an advantage) 
  • Experience with commercial application scanning tools such as Fortify or NTOSpider, as well as in-depth knowledge of proxying tools such as Paros, Burp, and WebScarab 
  • Web application penetration testing experience and familiarity with common penetration testing tools 
  • Good understanding of Information security related standards and best practices (these include ISO 27001, NIST, CIS, OWASP, etc.) 
  • Good understanding of Cyber laws and Law enforcement requirements 

Years of Experience: 
At least 7-10 years working experience in IT Security and or related fields. 
  • At least 7 years in Penetration Testing 

Additional Info

Experience Level

0 - 7 Years of Experience

Job Specialisation

General IT


Company Profile

Celcom Axiata-logo-image

Celcom Axiata

Creating awesome moments for YOU!

Some say we are in the business of telecommunications. We prefer to say we are in a ‘Business to deliver awesome customer experience by opening up your worlds’. Because at Celcom, we don’t just connect people to products and services, instead we help people connect with their world of possibilities.

Our purpose? We want to give you awesomeness at every point in your life, be it at home with your loved ones, to build collaboration at work or even reach out to the community as acorporate citizen. 

Cyber Security Penetration Tester Expert

Celcom Axiata

Undisclosed

Kuala Lumpur

Full-Time

This job is no longer available