Penetration Tester 3
Asurion
Date: 3 weeks ago
City: Taguig
Contract type: Full time
Application Penetration Tester 3
Application Penetration Tester 3
The Application Penetration Tester will assist Asurion in developing secure products by providing best-in-class application security penetration testing and security assessment services to the product development organization, while passionately pursuing personal and organizational excellence in the field of application/product security.
Core Duties And Responsibilities
Application Penetration Tester 3
The Application Penetration Tester will assist Asurion in developing secure products by providing best-in-class application security penetration testing and security assessment services to the product development organization, while passionately pursuing personal and organizational excellence in the field of application/product security.
Core Duties And Responsibilities
- Perform in-depth application and system penetration tests of internally developed products and enterprise systems to Identify security risks and vulnerabilities.
- Develop functioning proof of concepts (PoCs) to demonstrate exploitation and impact of found vulnerabilities
- Provide guidance and assistance on vulnerability remediation
- Review product and open-source code for the purposes of assessing security and determining weaknesses / vulnerabilities.
- Build and maintain positive and productive working relationships with product development teams and individuals.
- Develop security assessment scripts and frameworks and assist in efforts to automate security testing and assessment activities.
- Continuously learn and keep pace with the latest technical developments in the security space.
- Perform threat modeling with application security engineers and product development staff to promote secure development and inform penetration testing / red-team efforts.
- Mentor security champions with respect to penetration testing techniques, vulnerability research, and red-team tactics.
- Aid the incident response process when product security expertise is required.
- Participate in post-mortems and retrospectives to improve security of products and systems.
- Research and present on relevant security topics, practices, and threats.
- Strong desire and drive to continuously learn and improve upon existing skills, as well as developing new skills
- Strong researching, analytical and problem-solving skills
- Strong experience and knowledge of identifying, exploiting and remediating web application vulnerabilities
- Proficient in at least one scripting language and/or programming language for building PoCs, automation and completing other similar tasks
- Ability to perform secure coding reviews on applications written in TypeScript, JavaScript, Java, C#, Scala and/or others
- Familiarity with iOS and/or Android penetration testing
- Experience with commonly used cloud services and securing them
- Excellent communication (oral, written, presentation) skills including the ability to explain technical concepts and findings at a high-level to non-technical audiences
- Knowledge of open security standards
- Experience with web and mobile security related tools such as Burp, Caido, adb, Corellium, etc.
- Industry recognized certifications demonstrating practical application of knowledge learned; Offensive Security, Hack the Box, TCM, etc. certifications
- Activity in CTF's and CTF platforms including completion of labs such as the HTB Pro labs
- Experience in full stack web application development
- Experience in iOS and Android development
- Involvement in Bug Bounty Programs
- Experience in reverse engineering and tools (IDA Pro, Immunity, Windbg, gdb, etc.)
- Experience security testing and/or using AI for security and efficiency increase purposes
- Security research projects and/or presenting security research at conferences
- CVE assignments
- Familiarity with Windows and Linux testing/privilege escalation techniques and hardening
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Junior PHS Support Officer
Guild Solutions, Inc.,
Taguig
1 day ago
The S100 Junior Support Officer plays a vital role in supporting the administration and delivery of the S100 program. This includes processing applications, providing customer service, maintaining accurate records, and contributing to continuous improvement initiatives. The role supports community pharmacies in improving access to services, particularly for First Nations people and rural & remote communities.Key ResponsibilitiesProcess program applications for payment...
Section Head, Correspondence Management
RCBC,
Taguig
3 days ago
Job Summary Responsible in handling consumer loans correspondences and notices.How will you contribute? Monitoring of correspondences for completeness, accuracy and delivery within the standard turnaround time. Improve delivery of correspondences by securing updated contact details, clean up etc. Oversee the day to day activities of the section specially on the delivery of requests for Bank Certifications. What will make you...
Business Relationship Officer
RCBC,
Taguig
3 days ago
Job SummarySupports the Business Center's volume objectives through account acquisition and cross-selling of YGC products. Willing to be assigned in 7th Avenue, Fort Bonifacio Burgos Circle, The Fort JY Campos, 4th Avenue BGC,25th St. BGC Branches.How will you contribute?Assist the Branch Manager in achieving sales goals. Prepare monthly and daily sales call plans and reports and ensure correct recording of...