Penetration Tester (Web Application)

ABOUT CLIENT

Our client is using new technology to develop products for the banking industry

JOB DESCRIPTION

Be skilled in conducting advanced manual application penetration tests.

Capable of developing tools and internal applications for discovering, assessing, and mitigating security vulnerabilities in both development and production stages.

Engage in design, source code review, and testing of new application security features and controls across various products.

Automate security penetration testing cases and ensure deployment in a production environment.

Advocate for secure development practices for software engineers.

Research and provide recommendations to the development team regarding security standards.

Continuously upgrade personal knowledge of information security to remain at the forefront of the field.

JOB REQUIREMENT

A bachelor's degree in Computer Science, Computer Engineering, Information Systems, or a related field, or 3+ years of equivalent work experience is required.

Familiarity with methods, processes, and procedures for conducting penetration testing.

Strong understanding of web application development.

Experience in reviewing source code (Java, Python) and mobile applications (Native, KMM).

Proficiency in cloud security (AWS).

Knowledge of web and mobile application security principles, including understanding of application security topics such as OWASP Top 10 and authentication infrastructure (SAML, OAUTH).

Experience in planning, coordinating, executing, and reporting security tasks.

Strong communication skills with the ability to explain complex technical issues to non-technical business users.

Possession of security-related certifications like GWAPT/ OSWE, etc. will be an advantage.

WHAT'S ON OFFER

Company offers meal and parking benefits.

Full benefits and probationary salary provided.

Insurance coverage as per Vietnamese labor law and premium health care for employees and their families.

Work environment is values-driven, international, and agile in nature.

Opportunities for overseas travel related to training and work.

Participation in internal Hackathons and company events such as team building, coffee runs, and blue card activities.

Additional benefits include a 13th-month salary and performance bonuses.

Employees receive 15 days of annual leave and 3 days of sick leave per year.

Work-life balance with a 40-hour workweek from Monday to Friday.

CONTACT

PEGASI – IT Recruitment Consultancy | Email: recruit@pegasi.com.vn | Tel: +84 28 3622 8666

We are PEGASI – IT Recruitment Consultancy in Vietnam. If you are looking for new opportunity for your career path, kindly visit our website www.pegasi.com.vn for your reference. Thank you!

Job Summary

Company Type:

Offshore

Technical Skills:

Security, AWS

Location:

Ho Chi Minh - Viet Nam

Working Policy:

Hybrid

Salary:

$ 3,500 - $4,700

Job ID:

J00142

Status:

Active

Related Job:

Manual QA Tester

Ho Chi Minh - Viet Nam

Product

Manual Test

Create, document and implement comprehensive manual test cases for web and mobile (iOS/Android) user processes. Ensure new features align with functional requirements, UI/UX specifications and cover edge cases. Record defects with detailed reproduction steps, screenshots/video capture and assess severity. Validate bug fixes, regressions and rollback scenarios across different environments (dev, QA, staging). Test mobile builds on real devices and emulators. Work closely with developers to clarify requirements, address unclear acceptance criteria and refine user stories. Update and maintain test plans, checklists and traceability matrices. Provide stakeholders with daily QA status and release-readiness risk reports.

Negotiation

View details

Backend Engineer (Python/Kotlin)

Ho Chi Minh, Ha Noi - Viet Nam

Outsource

Python
Kotlin
AWS

Create and develop financial products on top of a core banking platform called Thought Machine Vault Create and develop event-driven microservices to enhance the functionality of the core banking platform Maintain and enhance service reliability through effective simulation, end-to-end, and performance tests Enhance SRE processes and offer production support for services Write high-quality, sustainable code using TDD Utilize Kubernetes and Docker for scheduling and running microservices Technology stack comprises mainly of Python and Kotlin/Java, with the flexibility to use the most suitable language for problem-solving Utilize PostgreSQL, Aurora, and S3 for persistence Harness the elastic AWS infrastructure Practice continuous integration and delivery Follow the approach of "you build it, you run it."

Negotiation

View details

Featured Job

Senior Mobile Security Engineer (Forensics)

Ho Chi Minh - Viet Nam

Product

Security

Examine and interpret large-scale datasets and fraudulent activities to identify patterns, clusters, and evolving fraudulent behavior, including understanding the methods and processes used by attackers. Collaborate with the mobile development team to create and integrate secure mobile SDK components for accurate collection of forensic data, aiding in the identification of location spoofing, emulator abuse, rooted/jailbroken environments, and other forms of environment manipulation. Lead and conduct in-depth technical research on emerging mobile fraud and evasion techniques, and translate the findings into practical forensic indicators. Establish and improve end-to-end incident response capabilities throughout the system, working with Data Science and ML teams to convert forensic insights into technical features, rules, and detection logic. Offer technical advice and mentorship to junior engineers on effective practices in mobile security, forensics, and data analysis.

Negotiation

View details