DRSC T&T Consultant, Pen Tester

Title: DRSC T&T Cyber Defense & Resilience (based in Kuala Lumpur Malaysia) Consultant Pen Tester

Are you ready to unleash your potential

At Deloitte our purpose is to make an impact that matters for our clients our people and the communities we serve.

We believe we have a responsibility to be a force for good and WorldImpact is our portfolio of initiatives focused on making a tangible impact on societys biggest challenges and creating a better future. We strive to advise clients on how to deliver purpose-led growth and embed more equitable inclusive as well as sustainable business practices.

Hence we seek talented individuals driven to excel and innovate working together to achieve our shared goals.

We are committed to creating positive work experiences that foster a culture of respect and inclusion where diverse perspectives are celebrated and everyone is recognised for their contributions.

Ready to unleash your potential with us Join the winning team now!

Work youll do

Key Responsibilities:

• Conduct comprehensive penetration testing and vulnerability assessments across various web applications mobile applications and network infrastructure.
• Collaborate with clients to identify security vulnerabilities and propose effective remediation strategies.
• Perform mobile application security testing and provide insights for securing mobile platforms (iOS and Android).
• Prepare and present detailed security assessment reports for technical and non-technical stakeholders.
• Assist in developing and maintaining security standards and best practices for client systems.
• Work with development teams to advise on secure coding practices and implement security controls.
• Stay up to date with the latest trends in cybersecurity emerging threats and new vulnerabilities.
• Conduct risk assessments and provide security recommendations in compliance with industry standards.

Your role as a leader

At Deloitte we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients people and the communities. AdditionallyConsultants across our Firm are expected to:

• Demonstrate a strong commitment to personal learning and development.
• Understand how our daily work contributes to the priorities of the team and business.
• Understand the set expectations and demonstrate accountability in keeping personal performance on track.
• Actively focus on developing effective communications and relationship-building skills with stakeholders clients and team.
• Demonstrate an appreciation for working with others.
• Understand what is fundamental to Deloittes success as a business.
• Demonstrate integrity and an awareness of strengths differences and personal impact.
• Develop their understanding of Deloitte and offer a fresh perspective.

Requirements

• 3 years of proven experience in security testing domains for example web network mobile cloud thick client vulnerability assessments and penetration testing.
• Bachelors degree in information security Computer Science or related field (or equivalent experience).
• Familiarity with mobile application security frameworks and testing tools.
• Hands-on experience with common security tools such as Burp Suite Pro Nmap Wireshark and Metasploit.
• Proficient in scripting languages like Python or Bash.
• Certifications: OSCP CRTP CREST or any other mobile security certifications such as eMAPT or SANS GMOB will be considered.
• Good knowledge with cloud security on platforms like AWS Azure or GCP.
• Knowledge of secure development lifecycle (SDLC) processes and thick client testing.
• Preferred red teaming or purple teaming experience if any.
• Excellent communication skills to convey technical details to both technical and non-technical audiences.
• Ability to work both independently and as part of a team in a fast-paced environment.

Due to volume of applications we regret only shortlisted candidates will be notified. Candidates will only be contacted by authorized Deloitte Recruiters via firms business contact number or business email address.