Enable job alerts via email!

Penetration Tester

LightsUp Network Solution Sdn Bhd

Kuala Lumpur

On-site

MYR 80,000 - 120,000

Full time

2 days ago

Be an early applicant

Generate a tailored resume in minutes

Land an interview and earn more. Learn more

Job summary

A cybersecurity solutions company in Kuala Lumpur is seeking an experienced professional for a security role focused on penetration testing and vulnerability assessment. The ideal candidate will have 3–5 years of experience and a Bachelor’s Degree in Cybersecurity or related field. Responsibilities include conducting tests across various environments, collaborating with teams, and staying ahead in emerging threats. Benefits include annual leave, training, and performance bonuses.

Benefits

Annual Leave

Medical Leave

Performance Bonus

Training Provided

Qualifications

3–5 years of experience in penetration testing and vulnerability assessment.
Strong knowledge of MITRE ATT&CK framework and OWASP Top 10.
Preferred certifications include OSCP, eJPT, GPEN, CEH, or CRTP.

Responsibilities

Plan and execute penetration tests across multiple environments.
Identify and exploit vulnerabilities to assess business impact.
Collaborate with SOC teams to enhance detection capabilities.

Skills

Penetration testing

Vulnerability assessment

Red team operations

API security testing

Cloud security testing

Mobile security testing

Burp Suite

Nmap

Metasploit

Python scripting

Education

Bachelor’s Degree in Cybersecurity or related discipline

Tools

Wireshark

Kali Linux

Nessus

Requirements

Bachelor’s Degree in Cybersecurity, Computer Science, Information Technology, or related discipline.
3–5 years of hands-on experience in penetration testing, vulnerability assessment, or red team operations.
Strong technical knowledge of network, web application, API, cloud, and mobile security testing.
Proficiency in tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, Hydra, and Kali Linux.
Experience developing and executing exploit code, payloads, and scripts (Python, Bash, PowerShell).
Solid understanding of MITRE ATT&CK framework, OWASP Top 10, and Cyber Kill Chain.
Ability to simulate real-world threat scenarios and perform adversary emulation exercises.
Certifications such as OSCP, eJPT, GPEN, CEH, or CRTP are preferred.
Familiarity with SIEM, EDR, and SOC operations is a plus.

Responsibilities

Penetration Testing & Vulnerability Assessment:

Plan, execute, and report internal and external penetration tests across various environments (network, web, mobile, cloud, and IoT).
Identify, exploit, and validate vulnerabilities to determine real-world risk and business impact.
Conduct red team and adversary emulation exercises to evaluate defensive capabilities.
Perform post-exploitation tasks such as privilege escalation, lateral movement, and data exfiltration simulation.
Develop custom scripts, exploits, and attack scenarios to improve test coverage and automation.
Deliver comprehensive technical reports and executive summaries with remediation recommendations.

Threat Simulation & Collaboration:

Collaborate with SOC and Blue Team analysts to enhance detection and response capabilities.
Validate SOC alerts, detection rules, and SIEM use cases against real attack scenarios.
Participate in purple team engagements to bridge offensive and defensive security knowledge.
Contribute to the continuous improvement of testing methodologies, tools, and procedures.

Research & Innovation:

Stay updated with emerging threats, exploits, and security techniques.
Contribute to internal threat intelligence and maintain a repository of attack techniques and tools.

Benefits

Annual Leave
Medical and Hospitalisation Leave
EPF
SOCSO
Training Provided
Performance Bonus
Company Trip
5 Working Days
Annual Bonus

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.

Top cities

Top companies

Popular jobs