Penetration Tester - Web Applications

  • Category: Support Services
  • Team: Internal Risk and Compliance
  • Location: Salcedo Village, Makati

Description

Position at Trustwave

Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. Offering a comprehensive portfolio of managed security services, consulting and professional services, and data protection technology, Trustwave helps businesses embrace digital transformation securely. Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.

The Trustwave CISO’s Office is seeking a qualified Penetration Testing and Security Assessment Professional to perform internal asset review and assessment. This position answers to the CISO directly and focuses much of the effort toward application and web-app testing of services and features exposed to production roles in a commercial setting. Applicants should be able to demonstrate their skills in real time as well as cite experiences and achievements.


Responsibilities
 

  • Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems, wired and wireless networks, and mobile applications/devices
  • Develop and maintain security testing plans
  • Automate penetration and other security testing on networks, systems and applications
  • Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
  • Produce actionable, threat-based, reports on security testing results
  • Act as a source of direction, training, and guidance for less experienced staff
  • Mentor and coach other IT security staff to provide guidance and expertise in their growth
  • Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation
  • Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators
  • Deliver the annual penetration testing schedule and conducting awareness campaigns to ensure proper budgeting by business lines for annual tests
  • Foster and maintain relationships with key stakeholders and business partners


Requirements and Qualifications
 

  • Previous working experience as a Penetration Testing Expert for (4) year(s)
  • BA in Computer Information Systems, Management Information Systems or similar relevant field
  • In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell)
  • Hands on experience with testing frameworks such as the PTES and OWASP
  • Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud
  • Critical thinker and problem solver
  • Excellent organizational and time management skills


Education:
We prefer college-educated applicants, but at minimum, high school diploma or equivalent is required for employment.

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.

Share this opportunity

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. Offering a comprehensive portfolio of managed security services, consulting and professional services, and data protection technology, Trustwave helps businesses embrace digital transformation securely.Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries.

To All Agencies: Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.