Security Assessment Staff (Red Team)

Governance, Risk & Cybersecurity

This position will be reporting directly to the Security & Compliance Manager.

Job Purpose: Responsible to helps organizations to improve system & infrastructure security by providing opposition to the point of view of the organization.

Main Responsibility:

  • Vulnerability Assessment Infrastructure
    • Perform network, system, and application vulnerability scan per period
    • Conduct threat-testing against the business footprint and engage with stakeholders to resolve issues.
    • Conduct product security reviews including architecture, design, code, and vulnerability-testing.
    • communicate findings and strategy to Infra Team & Application Owner
    • Assist with scoping prospective engagements, leading engagements from kickoff through remediation
  • Automation (SECOPS) & Manual Pentesting
    • Perform network, system, and application penetration testing, source code reviews, threat analysis, and social-engineering assessments
    • Improve SecDevOps tools and pipeline integrations.
    • Develop and enhance automation penetration testing
    • Research of New Trend of Attack/ threat Metode

Other Responsibility

  • Report Security Assessment Review

Knowledge & Experience

  • Perform penetration and security tests on both web and mobile apps
  • In-depth and up-to-date understanding of technical threats and the techniques to defend against them - including tactics, techniques, and procedures.
  • Experience in conducting security reviews of product, systems, code, and procedures
  • At least 3- 5 Years (s) of working experience in the related field is required for this position.
  • Thorough understanding of application security testing techniques including typical pentest tooling and SecDevOps workflows
  • Understanding of threat-modeling and a shift-left mindset
  • Ability to identify, understand, and communicate the threat-scenarios associated with vulnerabilities and weaknesses.
  • Proficiency in more than one scripting language
  • CyberSecurity industry certifications such as OSCP or CEH are a plus.

Competencies:

  • Leadership: Motivating and influencing others to work toward common goals, helping, others learn new tasks, and serving as a positive role model.
  • Time Management: Ability and willingness to manage one’s time and prioritize responsibilities so that work is completed on time.
  • Problem Analysis: The ability to identify problems, recognize the causes within a reasonable time period, and identify potential solutions.
  • Interpersonal Communication: Communicating effectively with others in one-on-one or small group settings. This includes listening carefully to others, demonstrating an understanding, and constructively giving feedback.
  • Motivating Others: Instilling in others the willingness to do the job and work toward common objectives; this includes serving as a positive role model.
  • Decision Making: The ability to evaluate the consequences of alternative solutions to a question or problem and select the most promising alternative. This involves the ability to make sound judgments by logically evaluating information and recognizing when and where to seek additional information.
  • Job Specific Knowledge: Having knowledge of the occupation or field of work necessary to perform the job. This includes having specific expertise in the technical aspects of the job as well as having the computer skills needed for effective job performance.
  • Flexibility: Adapting willingly to changing work-related conditions and developing and applying innovative approaches to work.
  • Taking Ownership: The willingness to appropriately accept responsibility for completing tasks and to actively pursue resolving problems that may not have originally been your responsibility.
  • Influencing Skills: Diplomatically influencing others to accept an idea or point of view, or to act in a certain manner.

Core behavior

  • Challenge Status Quo
  • Act Responsibility
  • Know Our People
  • Get Things Done
  • Empower People

Send us your most updated CV to hrd@alto.id and use the hashtag #JoinTheSquad

Note: Only selected candidates will be contacted!