🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
Cookies & analytics consent
We serve candidates globally, so we only activate Google Tag Manager and other analytics after you opt in. This keeps us aligned with GDPR/UK DPA, ePrivacy, LGPD, and similar rules. Essential features still run without analytics cookies.
Read how we use data in our Privacy Policy and Terms of Service.
🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
Dencom Consultancy & Manpower Services • Mandaluyong, Metro Manila, Philippines
Role & seniority: Penetration Tester Analyst II, Application and Product Security; senior/lead-inclined responsibilities within a global team.
Stack/tools: Embedded devices and cloud services (AWS/Azure); white-box and black-box testing; data bus monitoring, data injection; communications and wireless protocol analysis; reverse engineering; proof-of-concept code; detailed technical reporting; GitLab issue management.
Conduct security testing, threat assessments, and audits of embedded systems, mobile/web apps, and cloud components; identify design/implementation weaknesses.
Document findings clearly and relay them to engineering teams; drive mitigations and ensure compliance with security requirements.
Develop and enhance internal testing processes and procedures; mentor junior resources and coordinate testing activities across regions; support breach response as needed.
Extensive experience across embedded devices and cloud ecosystems (AWS/Azure); familiarity with white-box and black-box engagements.
Ability to evaluate designs, document gaps, and communicate findings to technical audiences.
Broad attack-vector knowledge, reverse engineering, protocol analysis, and capabilities in data injection and security testing workflows; adherence to vulnerability management and incident response processes.
The Penetration Tester Analyst II | Application and Product Security is responsible for security pen testing, monitoring, and auditing within a dynamic global organization. The products under test will have the coverage of embedded devices and cloud services. The Senior Pen Tester should have exposure to embedded devices as well as cloud services (AWS/Azure). Some of the products will be white box tests while others will be total black box engagements.
A successful Senior Pen Tester will be able to take the product and evaluate the weak points in the design and implementation and focus in on those weaknesses to find security gaps. All the findings by the Senior Pen Tester will need to be clearly documented and relayed to the design team for mitigation. The Senior Pen Tester will need to be very versatile in their attack vectors and their knowledge of exploits. The ideal candidate will be well experienced in a broad range of attack vectors across a wide spectrum of devices from small, embedded devices to wide and complex cloud ecosystems.
They will be responsible for interfacing with engineering teams to conduct security testing, auditing and should be able to explain the findings. They will be responsible for ensuring that engineering teams stay in compliance with the security expectations of the global organization. The Senior Pen Tester will be expected to stay current with the latest security threats and attack vectors that can be deployed against the product portfolio. They should also have experience in communicating clearly and concisely the findings of these activities to an audience.
The testing activity and methodology deployed to confirm compliance is guided but expected to be enhanced by the Senior Pen Tester. The Senior Pen Tester will be expected to use their knowledge and experience to further develop internal testing processes and procedures.
Responsibilities
In addition to performing internal application and product security assessments the Analyst II | Application and Product Security will be expected to support response to possible breaches of security based on newly disclosed information.
Other Key Duties Include
Conduct security evaluation and threat assessments of embedded systems, mobile applications, web applications Conduct research for the purposes of finding new vulnerabilities and enhancing existing capabilities Circumventing security protection methods and techniques Performing data bus monitoring (snooping) and data injection Conduct communications protocol analysis in the embedded products, and applications Conduct wireless communications channel snooping, and data injection Reverse engineering complex systems and protocols Create detailed technical reports and proof of concept code to document findings Perform System Breakdown of the project/product before testing, identify and evaluate all the testing requirements and plan out the detailed testing activities, resources etc. Proactive detailed interaction with respective engineering group on the testing needs, testing progress/status and provide detailed analysis report Have effective Gitlab issue management reviewing and, providing mentorship and direction on planned testing activities for junior resources in line with defined processes and procedures. Assist in leading testing activities in all the regions, provide head-to-head support to Assessment Pillar Manager and help to drive continuous improvement in testing processes and procedures. Thorough adherence and follow-up of VERTIV SECURE requirements and Vulnerability Management and Incident Response processes. Preference given to other practical skills such as functional analysis, memory image capture, static memory analysis, and data element extraction, etc.