Senior Penetration Tester

The Senior Penetration Tester is responsible for planning, executing, and leading penetration testing engagements to identify security vulnerabilities across networks, applications, systems, and cloud environments.

• Lead and perform penetration testing activities including: Web application, Network & infrastructure, API, Cloud environments
• Conduct black-box, grey-box, and white-box testing.
• Identify, exploit, and validate security vulnerabilities using manual and automated techniques.
• Develop clear, accurate, and actionable penetration test reports, including:
  • Proof of concept (PoC)
  • Impact analysis
  • Remediation recommendations
• Present findings to clients, management, and technical teams.
• Review and validate findings from junior pentesters.
• Provide technical guidance and mentoring to junior team members.
• Support red team exercises, vulnerability assessments, and security audits.
• Stay current with the latest threats, vulnerabilities, tools, and attack techniques.
• Assist in improving internal testing methodologies, tools, and documentation.
• Ensure testing activities comply with legal, regulatory, and contractual requirements.

Strong knowledge of:

• TCP/IP, DNS, HTTP/HTTPS
• Network architecture and security controls

Hands‑on experience with tools such as:

• OWASP ZAP, SQLmap, Nikto

In‑depth understanding of:

• OWASP Top 10

Experience with scripting/programming (at least one):

• Familiarity with cloud security (AWS, Azure, GCP) is an advantage.

• Minimum 4–6 years of hands‑on penetration testing experience.
• Proven experience leading penetration testing engagements independently.
• Strong report writing and communication skills.
• Bachelor’s degree in Computer Science, IT, Cybersecurity, or equivalent experience.
• Relevant certifications (one or more preferred):
• OSCP / OSEP / OSWE
• CEH / CEH Master
• GPEN / GWAPT / GXPN
• CREST (CRT, CCT)

Interested applicants, kindly send your resume in MS WORD format to ****@trustrecruit.com.my or please click on “Apply Now” and provide the below details in your resume.

We regret only shortlisted candidates will be notified.

Important Note: Agensi Pekerjaan Trust Recruit Sdn Bhd is committed to safeguarding your personal data in accordance with the Personal Data Protection Act (PDPA).

Please read our privacy statement on our corporate website www.trustrecruit.com.my

Be careful - Don’t provide your bank or credit card details when applying for jobs. Don't transfer any money or complete suspicious online surveys. If you see something suspicious, report this job ad.