We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Security Specialist - Pentester at KMS Technology. Location Information: Ho Chi Minh, Ho Chi Minh, Vietnam. . Company Description. KMS Technology . was established in 2009 as a U.S.-based software services company. With development centers in Vietnam and Mexico, we have been trusted globally for the superlative quality of our software consulting & development services, technology solutions, and engineers' expertise. We pride ourselves on creating brilliant solutions for our clients by leveraging deep expertise, advanced technologies, and delivery excellence for a shared success where everyone can reach their fullest potential. With three Business Lines:. KMS Software:. Leverage software domain expertise to help clients make better business decisions in technology platforms, increase speed-to-market, and gain critical development support through innovative technology solutions.. KMS Solutions:. Empower BFSI businesses to embrace the digital finance revolution and expedite clients’ journey towards complete digitalization, technology consulting, data analytics, software development, and software quality.. KMS Healthcare:. Build transformative next-gen technologies to solve healthcare’s most challenging problems, providing innovative tools and expertise to providers, payers, life sciences, and medical technology vendors.. Job Description. Job Duties and Key Responsibilities:. Conduct Penetration Testing for Web Apps, Mobile Apps, Network and system pentest.. Run scheduled static code scans (SAST) across all relevant repositories (e.g., GitHub, GitLab, Bitbucket).. Detecting zero-days vulnerability from security community, vendors, analysis impact, research & testing exploit to have solution for mitigation.. Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices.. Support ISMS Team to maintain and improve the current practices by following industrial standards such as: ISO 27001 family, SOC 2, HIPAA, PCI-DSS.. Qualifications. Knowledge and skills. 0.5 -1 years of experience in penetration testing (OWASP Top 10 Web, Mobile Apps & Systems, Cloud). Understanding of web applications (HTTP, cookies, sessions). Secure coding review (e.g., Java, JavaScript, Python).. Proficient use of testing tools: Burp Suite Pro, Nmap, Metasploit, Wireshark, ZAP, Nessus... Ability to identify and exploit vulnerabilities with a methodology.. Knowledge and proficiency in (Python, PHP, ASP) programming languages ​​are an advantage.. Ability to think analytically.. Passionate about information security, eager to learn, good at self-study. Good at English in communication skills including oral and written so can communicate with US Clients.. . Education/Training Preferred:. Bachelor’s degree in Information Technology or equivalent work experience.. Security certificate: Security+, CEH, CHFI, ECIH, or other equivalent certificates is advantageous.. Practicing the penetration testing labs platform (HTB,Offensive Security, Tryhackme, VirtualHackingLab) is a plus.. IT certificate: MCSE, LPI, CCNA, CCNP is also a plus.. English proficiency required: Intermediate (B1) level or higher.. Additional Information. Working in one of the Best Places to Work in Vietnam, Top 10 ITC Company in Vietnam. Flexible working model: Flexible time & Hybrid working from Ho Chi Minh or Da Nang city or working remotely from any location in Vietnam. Attractive Salary & Benefits, full . salary. in probation, social insurance on full gross salary. Performance appraisal twice a year, 13th-month salary and performance bonus . Premium healthcare insurance for you and your loved ones. Working 5 days/week , from Monday to Friday. 18+ paid leave days/year. Diverse careers opportunities with Software Services, Software Product Development. Working and growing in a values driven, international working environment and standard Agile culture with passionate and talented teams. Onsite opportunities: short-term and long-term assignments in U.S. Various training on hot-trend technologies, best practices and soft skills. Company trip, big annual year-end party every year, team building, etc.. Fitness & sport activities: football, tennis, table-tennis, badminton, yoga, swimming.... Joining community development activities: 1% Pledge, charity every quarter, blood donation, public seminars, career orientation talks,.... Free in-house entertainment facilities (football, ping pong, gym...), coffee, and snacks (instant noodles, cookies, candies...). And much more, join us and let yourself explore other fantastic things!. .