(Overseas candidate ok!)Senior Associate - Penetration Testing (6 months contract renewable)
(Overseas candidate ok!)Senior Associate - Penetration Testing (6 months contract renewable)
Job type:
Skillhouse Contract
Specialization:
IT Consulting & Strategy
Language Level:
Japanese Level - Low Intermediate (JLPT Level 4),English Level - Advanced (TOEIC 860)
Location:
Tokyo
Salary:
¥10,000,000.00 - ¥12,000,000.00 Monthly
Job Reference:
478300
A Global Financial firm is seeking a Penetration Testing Specialist . The ideal candidate will be responsible for conducting in-depth penetration tests to identify vulnerabilities and weaknesses in the organization’s systems, applications, and networks. The role is vital for proactively defending against potential cyber threats, ensuring security compliance, and enhancing the overall security posture of the organization.
Responsibilities:
- Plan, design, and execute comprehensive penetration tests (external, internal, web application, network, and wireless)
- Identify vulnerabilities across various environments including networks, applications, and infrastructure, using both manual and automated testing methods
- Perform advanced exploitation of vulnerabilities, including privilege escalation, post-exploitation activities, and lateral movement techniques
- Analyze and evaluate test results, providing detailed reports with clear explanations, findings, risks, and recommended remediation strategies
- Simulate real-world cyber-attacks, including social engineering, phishing, and other tactics to assess the security defenses of the organization
- Develop and maintain penetration testing tools and scripts for automating testing processes
- Collaborate with IT and development teams to verify security weaknesses and ensure remediation of identified issues
- Conduct vulnerability assessments and risk assessments to complement penetration tests
- Stay up-to-date with the latest penetration testing tools, methodologies, and security trends
- Lead and support regular red team/blue team engagements, ensuring a comprehensive evaluation of the security environment
- Provide security training and awareness to internal stakeholders based on testing results and findings
- Maintain clear documentation of testing processes, methodologies, and findings
Requirements:
- Extensive years of experience in penetration testing, vulnerability assessment, or ethical hacking
- Strong knowledge and hands-on experience with penetration testing tools (e.g., Burp Suite, Kali Linux, Metasploit, Nessus, Nmap, etc.)
- Expertise in identifying, exploiting, and mitigating a wide range of vulnerabilities across networks, systems, and web applications
- In-depth understanding of network protocols (TCP/IP, DNS, HTTP/S, etc.), operating systems (Windows, Linux, etc.), and web technologies (HTML, SQL, JavaScript, etc.)
- Strong understanding of common attack vectors and techniques, including SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), buffer overflows, and privilege escalation
- Familiarity with security frameworks (OWASP, NIST, etc.) and best practices
- Strong knowledge of security tools, methodologies, and techniques used in both offensive and defensive security (e.g., SAST, DAST, SIEM, VAPT)
- Must have one of the following certifications: OSCP, OSCE, OSWP, or CREST (Certified Penetration Testing or equivalent)
- Proven track record in identifying, reporting, and/or exploiting CVEs (Common Vulnerabilities and Exposures) and contributing to vulnerability databases
Why should you apply:
- You will be part of a Global IT team to be part of winning asset banking
- Good managers to work with
- Diverse environment (Good mix of female and male management team, international)
- Stable environment
- First-hand experience on high level digital transformation
Company Details:
Headquartered in Tokyo with offices in Hong Kong, London, and New York, it is Japan's largest securities firm, employing approximately 26,000 staff worldwide and offering a full range of equity, fixed income, foreign exchange, and other investment products and services.
Working Hours: 08:40 – 17:40
Workstyle: By principle, it will be 1 day working in office, 4 days working from home (Depending on nature of the job, it will be decided by department head)
Holidays: Saturday, Sunday, and National Holidays, Year-end and New Year Holidays, Paid Holidays, Other Special Holidays
Benefits: Social insurance, DC pension plan, transportation, Skillhouse university etc.
Share this job