Pentest & AppSec

Mô tả công việc:

About KiotViet:
KiotViet wishes to transfer a massive power of technology to every business model in Vietnam and Southeast Asia through our simple and effective solutions. KiotViet is committed itself to creating efficient, convenient products for micro, small and medium-size businesses. In over 15 years, with more than 1500 people who form KiotViet in present, we understand that our members of all time are the foundation of KiotViet nowadays and a launchpad for reaching a better KiotViet in the future. KiotViet is committed to creating a work environment that shares success, shares responsibilities.

We are looking for some developers to join our product team. Joining us, you will have a chance to build the first marketplace in Vietnam with so much technology challenge. As a developer, you will be involved in building products to enable an excellent experience.

What you will do:
• Conduct comprehensive security assessments of software applications, products, IT projects, and systems throughout the development lifecycle;
• Perform vulnerability assessments and penetration testing (VA/PT) across:
– Web applications, mobile applications (iOS & Android), and APIs;
– Server systems (Windows, Linux), databases, network infrastructure, and cloud environments;
• Identify vulnerabilities and recommend appropriate and effective security controls;
• Review and optimize security configurations on servers, network devices, security appliances, and storage systems;
• Coordinate with third-party firms to schedule periodic penetration testing and lead remediation efforts with development teams;
• Perform security code reviews and assist in remediating security flaws identified through internal testing as well as third-party penetration testing;
• Consult and collaborate with the Architecture team on the security design of new projects;
• Continuously update, monitor, and analyze security vulnerabilities, malware threats, and risks; provide timely recommendations for remediation;
• Conduct regular security assessments (VA, Pentest, ASV, APT, segmentation testing) for operating systems, applications, databases, and networks;
• Manage, track, and ensure the remediation of all detected security vulnerabilities across IT services (Vulnerability Management)
• Stay current with the latest security threats, industry trends, and emerging technologies.

Yêu cầu công việc:

What you should be good at:
• Minimum of 2 years of experience in IT security, with hands-on involvement in security testing for web applications, mobile applications, server systems, and network devices;
• Experience with threat modeling and risk assessment for applications;
• Preferred Qualifications:
– Security certifications such as GPEN, LPT, OSWE, OSCP, or other equivalent penetration testing credentials;
– Candidates who have published CVEs or contributed to cybersecurity projects are highly preferred.

Quyền lợi & Chính sách:

- Top salary range in the market (willing to negotiate)
- Compensation, pay raise approval at least 1 time per year, a 13th month salary depending on employee’s performance;
- Performance bonus (up to 2-month salary)
- Social – Health – Insurance paid fully. Healthcare: Annual health check-up, Premium Health Insurance (from level senior according to the company's regulations)
- Advantageous and yield benefits, other benefits such as holiday vacations, benefits for employee’s relatives;
- Unlimited chance of being promoted based on employee’s performance.