Job title: Vulnerability Management Analyst (On-site 100%)
Job type: Permanent
Emp type: Full-time
Industry: Information Technology (IT)
Functional Expertise: Information Technology (IT)
Salary type: Monthly
Salary from: THB ฿70,000.00
Salary to: THB ฿120,000.00
Location: Bangkok, TH
Job published: 2024-12-02
Job ID: 124035
Contact name: Methavee Mek-um, Paramee Numkid

Job Description

More than just a recruitment company. At PRTR, we have been a part of our customers' success for 30 years as their total HR solutions partner. With 550 dedicated professionals and over 15,000 outsourced staff, we will continue to carry out our mission to develop a better career, a better life, and a better society, and strive to become the No.1 people solutions organization in Southeast Asia.

Role & Responsibilities:

  • Conducting manual API penetration testing.
  • Performing web application penetration testing, adhering to OWASP standards.
  • Using Burp Suite for both manual and automated penetration testing.
  • Analyzing requests and responses manually, identifying common vulnerabilities, and segregating false positives to ensure accurate results.
  • Applying in-depth knowledge of the OWASP Top 10 API and web application vulnerabilities (SQL injection, XSS, CSRF, etc.).
  • Working with DAST and SAST tools.
  • Preparing comprehensive security reports, detailing identified vulnerabilities and providing recommendations to clients.
  • Possessing basic knowledge of RESTful and SOAP APIs.
  • Gaining experience in information security and vulnerability management.
  • Securing the client environment by implementing effective vulnerability management processes.
  • Maintaining and enhancing the daily operations of the security team, providing 9/5 security support.
  • Validating incidents, performing incident analysis, recommending solutions, resolving escalations, maintaining a knowledge base, and implementing patches.
  • Closing incidents and reports effectively.
  • Taking ownership and accountability for issue escalations from clients.
  • Continuously monitoring vulnerability trends and metrics to assess the impact on platform and application security assurance (VM + policy compliance scan + penetration testing).

Required Skills:

  • Proficiency in Qualys, Tenable, Burp Suite, Postman, Checkmarx, SonarQube, and SonarCloud.
  • Knowledge of threat intelligence concepts.
  • Familiarity with change management and CMDB.
  • A continual system improvement mindset, with the ability to demonstrate this in work.
  • Strong client-facing technical analysis report and presentation skills.
  • Ability to collaborate effectively with both offshore and onsite teams.
  • Experience in global consulting.
  • Familiarity with DLP tools, policies, and procedures.
  • Proficient in English.
  • Ability to work on-site near BTS Onnut.