Senior IT Security Officer (mảng Pentest)

Work Location Ha Noi

Job Level Experienced (Non - Manager)

Job Type Permanent

Experiences 2 - 5 Years

Salary Negotiable

Industry IT - Software

Deadline to Apply 14/02/2026

Apply Now Not ready to apply?

Share Facebook Linkedin Twitter Save to my jobs

Hướng dẫn ứng tuyển

Bước 1: Điền vào Mẫu thông tin ứng viên LOTTE Finance, tải mẫu tại đây,
Bước 2: Chọn nút "Nộp đơn" bên trên và làm theo hướng dẫn.
Bước 3: Sau khi hoàn tất bước ứng tuyển, nếu đã ứng tuyển thành công, Bạn sẽ nhận được Thư xác nhận ứng tuyển thành công từ LOTTE Finance. Vui lòng đọc email để nắm các thông tin hướng dẫn tuyển dụng tại LOTTE Finance.

Chúc Bạn Sức khỏe và Thành công.

Job Benefit

Insurance
Allowances
Uniform
Incentive bonus
Health checkup
Training & Development
Salary review
Seniority Allowance
Annual Leave

Job Description

Penetration Testing: Plan, execute, and document penetration tests on web applications, networks, APIs, mobile apps, and cloud environments.
Vulnerability Assessment: Identify, analyze, and prioritize vulnerabilities; provide actionable recommendations for remediation.
Exploit Development: Simulate real-world attack scenarios to validate security controls and uncover potential weaknesses.
Red Team Engagements: Participate in or lead red team exercises to test organizational resilience against advanced threats.
Compliance & Standards: Ensure testing aligns with industry frameworks (OWASP, ISO 27001, PCI DSS...) and regulatory requirements.
Tooling & Automation: Utilize and maintain penetration testing tools (Burp Suite, Metasploit, Kali Linux, etc.) and develop custom scripts for advanced testing.
Reporting & Documentation: Prepare detailed reports outlining findings, risk impact, and recommended mitigations for technical and non-technical stakeholders.
Collaboration: Work closely with security architects, SOC teams, and developers to address vulnerabilities and improve secure coding practices.
Continuous Improvement: Stay updated on emerging threats, exploit techniques, and security technologies; contribute to internal knowledge sharing and training.
Data Protection: Ensure testing activities do not compromise sensitive data or violate privacy regulations.
Provide training and enhance cybersecurity awareness within the organization.
Research, propose, and implement new security technologies to improve security assessment and protection of IT systems.
Perform other tasks as assigned by management.

Job Requirement

1. Education: Bachelor's degree in Computer Science, Information Security, or related field.
2. Technical Knowledge:
- Proficiency in at least one programming language (PHP, Python, C/C++, Java) and understanding of Software - Development Life Cycle (SDLC).
- Strong knowledge of network protocols, web application security, cloud environments, and secure coding principles...
3. Experience:
- Security testing for Web, API, Mobile, Winform Applications, Network, Infrastructure, and OS.
- Identifying and assessing vulnerabilities in IT systems.
- Security standards such as PCI DSS, OWASP, and cybersecurity attack techniques.
- Reviewing security requirements in BRD and business processes before system development.
4. IT Proficiency:
- Proficiency with penetration testing tools and scripting languages (Python, Bash, PowerShell).
- Information gathering, vulnerability scanning, and security exploitation tools.
5. Skills:
- Documentation and report writing skills.
- Effective communication and presentation skills.
- Analytical and problem-solving abilities.
- Risk management skills.
- Understanding of exploit development, reverse engineering, and threat modeling.
6. Experience: Minimum of 2 years of experience in penetration testing or ethical hacking roles for web applications, mobile applications, server systems, and network devices.
7. Preferred Qualifications: Security certifications such as GPEN, LPT, CEH, OSCP, GWAPT or equivalent penetration testing certifications. Candidates with CVEs or contributions to cybersecurity projects are highly preferred.

Job tags: Senior IT Security Officer mảng Pentest

Current Job