Job Title

Get AI-powered advice on this job and more exclusive features.About Ekco Founded in 2016 Ekco is now one of the fastest growing cloud solution providers in Europe!We specialise in enabling companies to progress along the path of cloud maturity, managing transformation and driving better outcomes from our customers existing technology investments. In a few words, we take businesses to the cloud and back! We have over 600 highly talented and supportive colleagues (and counting) across a number of regional offices in the UK, Benelux & Ireland.About the roleWe are looking for a skilled and experienced Penetration Tester to join our team of security consultants. As a Penetration Tester, you will play a crucial role in assessing and reporting on the security posture of our internal clients applications, infrastructure, APIs, servers and endpoints, identifying vulnerabilities that could be exploited by malicious individuals or attackers. Your deep knowledge of app security, penetration testing methodologies, and industry best practices will be instrumental in ensuring the confidentiality, integrity, and availability of our clients systems.Responsibilities:Conduct comprehensive penetration tests on clients'' systems across various platforms (including web applications, thick client applications, infrastructure, APIs, cloud platforms) to identify security vulnerabilities, weaknesses, and potential risks.Utilise, develop and execute customized test plans, methodologies, and tools for penetration testing, focusing on both network and application layers, tailored to the clients specific needs and requirements. Follow leading testing standards and methodologies such as OWASP and NIST.Evaluate system architectures and designs to identify potential security flaws and provide strategic recommendations for risk mitigation.Collaborate closely with clients and their development teams to gain a deep understanding of the architecture, codebase, and underlying technologies, offering guidance on issue remediation and secure coding practices.Utilise a wide range of manual and automated tools to conduct penetration testing.Prepare detailed and comprehensive reports documenting identified vulnerabilities, their potential impact, and actionable remediation strategies, effectively communicating findings to clients.Stay abreast of the latest security threats, vulnerabilities, and attack vectors, proactively advising clients on emerging risks and recommending appropriate countermeasures.Collaborate with cross-functional teams of security professionals to implement tailored security best practices and guide clients in the secure development and deployment of applications and systems.Provide expert support during security incident response activities, assisting clients in investigating and remediating mobile app security incidents.Qualifications / Experience:Excellent written and verbal communication skills, with the ability to convey technical concepts in a clear and concise manner to both technical and non-technical clients.Degree in Computer Science, Information Security, or experience in a related field.Relevant industry certifications (e.g., OSCP, PNPT, CREST accredited certs, SANS) and/or experience in mobile applications, thick client applications, Citrix and Secure Code Review are highly desirable.Proven track record as a Penetration Tester, with significant experience in application, infrastructure and API security testing. A minimum of 2 years of experience in professional penetration testing is required.Extensive expertise in security vulnerabilities, threats, and attack vectors, coupled with a thorough understanding of industry best practices and standards (e.g., OWASP, NIST, PTES).Experience of collaborative testing frameworks e.g. Cobalt Strike / FaradaySolid understanding of application frameworks and architectures, operating systems (Windows, Unix), and underlying technologies.Proficiency in using cutting-edge penetration testing tools and frameworks (e.g., Burp Suite Professional, Nmap, Nessus, Metasploit, SoapUI/Postman/ReadyAPI).Strong understanding of programming and scripting (e.g., Python, Bash) to automate testing processes and develop custom scripts tailored to clients specific needs is a plus.Demonstrated ability to work independently and collaboratively within a team, effectively managing multiple testing engagements, meeting deadlines, and delivering high-quality results.Seniority levelSeniority levelMid-Senior levelEmployment typeEmployment typeFull-timeJob functionJob functionInformation TechnologyIndustriesIT Services and IT ConsultingReferrals increase your chances of interviewing at Ekco by 2xApplication Security Engineer (Pentester)Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks agoWP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks agoPetaling Jaya, Selangor, Malaysia 10 hours agoKuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 days agoKuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 6 months agoKuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 months agoSecurity Operations Analyst (Internship)Blockchain Security Technical Support EngineerKuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks agoPetaling Jaya, Selangor, Malaysia 4 months agoWP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks agoWP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week agoInformation security Engineering specialistKuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week agoOperations Engineer - Authentication & PKIKuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 months agoWere unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr