Technical skills and Experience:
- Minimum 2 years of direct security experience. Fresh graduates are welcomed if the answers are Yes to following items.
- Strong knowledge in web application architecture (including component, model, framework, library, ...)
- Strong knowledge in web application attack tactics/techniques/procedures.
- Knowledge in web application defenses, best practice in security.
- Familiar with various security scanners including port scanner, directory scanner, vulnerability scanner
- Familiar with Using security pen-test tools such as Burp Suite, Nuclei …
- Familiar with Writing security template scan such as Bcheck, Nuclei …. Templates.
- Proficient in at least one of the following programming/scripting languages: Python, Golang, Perl, PHP, C#, Java, JavaScript and Bash. Other programming languages can be considered.
- Practical knowledge in exploit writing/development.
General skill:
- Self-Learn.
- English (at least reading and writing skill).
- Presentation.