Job Description

Our Client is a leading Managed Security Service Provider (MSSP) in Malaysia, this company is renowned for delivering cutting-edge cybersecurity solutions using advanced technologies such as Microsoft Sentinel and Fortify. Their expertise covers a wide range of services, including Threat Intelligence, Cyber Surveillance, Security Engineering, Digital Forensics, and Compliance Services.

 

• Lead and manage a team of penetration testers, providing technical guidance, mentorship, and performance evaluations.
 

• Conduct advanced penetration testing on networks, web applications, mobile applications, cloud environments, and internal systems.
 

• Identify, exploit, and report vulnerabilities, while providing detailed remediation guidance and mitigation strategies.
 

• Develop and enhance penetration testing methodologies, tools, and frameworks to keep up with evolving attack techniques.
 

• Collaborate with cybersecurity teams to strengthen security controls and incident response strategies.
 

• Stay updated on the latest threats, vulnerabilities, and attack techniques to ensure the team remains at the forefront of cybersecurity trends.
 

• Perform red teaming and adversary simulation exercises to assess organizational security resilience.
 

• Communicate findings effectively to both technical and non-technical stakeholders, including executive leadership.
 

• Ensure compliance with industry security standards such as OWASP, NIST, ISO 27001, PCI-DSS, and others.
 

• Oversee documentation of test results, risk assessments, and mitigation plans for clients.
 

• Manage client engagements, ensuring the timely delivery of penetration testing projects.
 

Job Requirements

 

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
 

• 5+ years of hands-on penetration testing experience, with at least 2 years in a leadership or senior role.
 

• Expertise in penetration testing tools such as Burp Suite, Metasploit, Nmap, Kali Linux, Wireshark, and similar.
 

• Strong understanding of networking, operating systems, web applications, APIs, and cloud security.
 

• Experience in Red Team engagements and adversary emulation.
 

• Proficiency in scripting and programming languages (Python, Bash, PowerShell, etc.).
 

• Relevant cybersecurity certifications such as OSCP, OSCE, OSWE, GPEN, GXPN, or similar.
 

• Excellent problem-solving skills with a strong analytical mindset.
 

• Ability to write detailed technical reports and present findings to both technical and non-technical audiences.
 

• Strong organizational and project management skills.
 

REMUNERATION PACKAGES:
Basic: RM 13,500

EPF, SOCSO, EIS

Working Days: Monday – Friday