IT Auditor (Risk, Security & Compliance)

Established in 2004, AGES is a comprehensive solutions provider for various cyber and IT applications. The company has garnered substantial market recognition and is accredited as a Qualified Security Assessor (QSA) organization. AGES offers independent security audits, assessments, and compliance validation services.

AGES acknowledges the heightened potential security threats that stems from business dependencies on technologies, particularly in payment and mobile security controls, where market conditions and requirements vary significantly. AGES endeavours to play a pivotal role in the market by addressing such security threats, particularly in establishing a more secure platform for these industries.

As a pioneer in cryptography, cyber security, and related payment environments, AGES has garnered substantial market recognition and is recognized by numerous prominent organizations. AGES brings together industry experts in cyber and IT, including specialists in cyber technologies, cryptography, payment systems security, IT security, systems development, project management, and business development.

AGES has also garnered relevant in-depth experience with significant organizations such as Payment Card Industry (PCI) Security Standards Council (SSC), MasterCard International (MCI), VISA, American Express (AMEX), JCB, Diners/Discover, NPCI – RuPAY, and UnionPay International (China UnionPay – UPI), enable AGES to effectively reach out to diverse clientele across global markets.

Organizations engaged in physical and logical security activities related to the production and provisioning of payment cards for various brands must adhere to the PCI Card Production and Provisioning (CP) requirements. AGES is a market leader in PCI CP security assessments that encompass physical and logical security, cybersecurity, information security, network and data security, and cryptographic key management. AGES has developed into a critical source of security and certification support for numerous card plants.

AGES is committed to integrating sustainability and scaling its ESG initiatives into its core business operations to facilitate the transition towards a cleaner and more sustainable future for society. We envision significant growth in its security audit programs to position itself among the global top audit providers for these programs.

We are looking for competent individuals to join our team, to conduct security assessments and vulnerability testing relating to the payment and IT security industry.

To evaluate technologies against cybersecurity standards and stay current on IT security regulations and standards (eg: PCI CPSA, PCI DSS, PCI 3DS).

Undergo company bond-sponsorship for industrial professional certifications, courses, examinations and overseas on-the-job trainings.

Weekly traveling is required.

This is an ideal role for a highly organised individual who has a good command of language, possess excellent interpersonal skill, good writing skills and holds a keen interest in IT to join our expert IT auditing and security.

• Conduct compliance assessments, provisioning of assessment reports, perform vulnerabilities scans and network penetration tests for local and overseas customers (if required), enhancement of in-house penetration test system - PAYGE, system security testing and quality assurance activities.
• Network penetration testing follows the NIST Special Publication 800-115, you will conduct testings using tools not limiting to Metasploit, Wireshark, Nessus, Nikto, Nicat, John the Ripper, AppScan, Greenbone, and Netcraft.
• Configuration of VM image for VM Box used for vulnerability scans and network penetration tests. VM image may deploy Kali Linux.
• Clients in scope cover but not limited to organisations certified under the Payment Card Industry (PCI) Card Production (CP), and PCI Data Security Scheme (DSS) programs, where you will be conducting the assessments and testings.
• Document work papers, report preparation and quality assurance, and attend in house training sessions.
• Any other ad-hoc tasks and job rotation as assigned by your reporting officer.

• Degree in Computing or equivalent (with relevant industry certifications) with minimum 1 to 10 years of IT working experience;
• Able to travel weekly for short trips;
• Ability to speak and write to our Taiwanese speaking clients;
• Certified CISA and CISM/CISSP preferred.

AGES has a friendly working environment with a highly motivated and hard-working team. This role should appeal if you enjoy verifying information, has an inquisitive mind, is an effective communicator and enjoy challenging yourselves to make a positive impact to our clients and our peoples.

The IT security and audit industry is fast-paced and busy, so we are looking for colleagues who have a positive and results focused attitude. You should also like traveling worldwide for work related projects too.

This breadth and depth of experience, combined with technical and communication skills in the payment security assessment domain, makes youa valuable asset to any organisation, opening up opportunities in areas such as IT Risk Management, IT Compliance, Technology Operations, and Cyber Information Security.

Be careful - Don’t provide your bank or credit card details when applying for jobs. Don't transfer any money or complete suspicious online surveys. If you see something suspicious, report this job ad.