Opportunity
Senior Officer for Vulnerability Assessment - 01Post.
Posted: 06/06/2023 ,
Closing Date: 19/06/2023
Job Description
The main purpose of the “Senior Officer for Vulnerability Assessment” position is a process of evaluating security risks in software systems to reduce the process of evaluating security risks in software systems to reduce the probability of threats. The purpose o vulnerability testing is reducing the possibility for intruders/hackers to get unauthorized access of system. it depends on the mechanism named Vulnerability Assessment and Penetration Testing (VAPT) or VAPT testing.
Location
Location:
Head Office, Phnom Penh
Duties and Responsibilities
- Conduct Vulnerability assessments for endpoints (ATM, Server), networks, firewall, and applications.
- Produced reports of findings, and worked cooperatively with relevant team to implement remedial measures.
- Use automated tools (e.g. Nessus, Rapid-7, Qualys) to pinpoint vulnerabilities and reduce time-consuming tasks.
- Develop, test and modify custom scripts and applications for vulnerability testing.
- Use offensive tool sets including kali-Linux, Metasploit, burp-suite, intercepting proxies etc. to perform manual testing.
- Perform basic application testing (automate tool, manual exploitation) by using common attack vectors.
- Manually validate report findings to reduce false positive.
- Write and present, communicate the vulnerability assessment report with all related stakeholders.
- Perform other task as assigned by supervisor or Management.
Skills Specifications
- Bachelor’s degree in computer science, computer information systems or equivalent field.
- At least 2 years’ experience in information technology.
- Ability to maintain critical thinking and composure under pressure.
- Good understanding of network, System concept and technology.
- Ability to convey complex concepts to non-technical constituents.
- Proficiency in oral and written Khmer and English.
- Ability to work in team, learning and self-development attitude.
- Basic project management experience and/or knowledge.
- Good understanding of windows Server/Client OS and/or Linux OS hands-on experience.
- Good knowledge of network protocols (TCP/IP stack) and corporate IT infrastructure.
- Hold any certification such as CompTIA Security+, SSCP, eJPT is preferred.
How to Apply
Interest Candidates, please click HERE: