[ref. e98443921] Lead Penetration Tester (MSSP/ Cybersecurity) in PJ [GG] - Ampang Jaya

Our Client is a leading Managed Security Service Provider (MSSP) in Malaysia, this company is renowned for delivering cutting-edge cybersecurity solutions using advanced technologies such as Microsoft Sentinel and Fortify. Their expertise covers a wide range of services, including Threat Intelligence, Cyber Surveillance, Security Engineering, Digital Forensics, and Compliance Services.

• Lead and manage a team of penetration testers, providing technical guidance, mentorship, and performance evaluations.
• Conduct advanced penetration testing on networks, web applications, mobile applications, cloud environments, and internal systems.
• Identify, exploit, and report vulnerabilities, while providing detailed remediation guidance and mitigation strategies.
• Develop and enhance penetration testing methodologies, tools, and frameworks to keep up with evolving attack techniques.
• Collaborate with cybersecurity teams to strengthen security controls and incident response strategies.
• Stay updated on the latest threats, vulnerabilities, and attack techniques to ensure the team remains at the forefront of cybersecurity trends.
• Perform red teaming and adversary simulation exercises to assess organizational security resilience.
• Communicate findings effectively to both technical and non-technical stakeholders, including executive leadership.
• Ensure compliance with industry security standards such as OWASP, NIST, ISO 27001, PCI-DSS, and others.
• Oversee documentation of test results, risk assessments, and mitigation plans for clients.
• Manage client engagements, ensuring the timely delivery of penetration testing projects.

Requirements:

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
• 5+ years of hands-on penetration testing experience, with at least 2 years in a leadership or senior role.
• Expertise in penetration testing tools such as Burp Suite, Metasploit, Nmap, Kali Linux, Wireshark, and similar.
• Strong understanding of networking, operating systems, web applications, APIs, and cloud security.
• Experience in Red Team engagements and adversary emulation.
• Proficiency in scripting and programming languages (Python, Bash, PowerShell, etc.).
• Relevant cybersecurity certifications such as OSCP, OSCE, OSWE, GPEN, GXPN, or similar.
• Excellent problem-solving skills with a strong analytical mindset.
• Ability to write detailed technical reports and present findings to both technical and non-technical audiences.
• Strong organizational and project management skills.

Basic: RM 13,500

EPF, SOCSO, EIS

Experience Required: Min 5 Year/s