CrawlJobs Logo
Saigon Technology Logo Saigon Technology · IT - Software Development

Security Engineer / Penetration Tester

Vietnam, Da Nang · Job Posted May 29, 2026
Apply Position
Job Link Share

Job Description

Conduct security audits and penetration testing on all web application projects we are implementing for our clients to ensure no security risks before production release. Perform vulnerability assessments, security code reviews, and threat modeling across all client projects. Collaborate with development teams to remediate identified security issues and provide secure coding guidance. Document findings in detailed security audit reports with reproducible steps and recommended fixes. Support manager to build, maintain, and improve internal security testing checklists, tools, and processes. Research and keep up-to-date with the latest security threats, CVEs, and best practices. Support pre-release security sign-off as part of the production release process.

Job Responsibility

  • Conduct security audits and penetration testing on all web application projects we are implementing for our clients to ensure no security risks before production release
  • Perform vulnerability assessments, security code reviews, and threat modeling across all client projects
  • Collaborate with development teams to remediate identified security issues and provide secure coding guidance
  • Document findings in detailed security audit reports with reproducible steps and recommended fixes
  • Support manager to build, maintain, and improve internal security testing checklists, tools, and processes
  • Research and keep up-to-date with the latest security threats, CVEs, and best practices
  • Support pre-release security sign-off as part of the production release process

Requirements

  • 1-3 years of experience in application security, penetration testing, or security engineering (Junior to Middle level)
  • Solid understanding of OWASP Top 10 and common web application vulnerabilities (SQLi, XSS, CSRF, SSRF, IDOR, authentication and session flaws, insecure deserialization)
  • Hands-on experience with security testing tools such as Burp Suite, OWASP ZAP, Nmap, sqlmap, Metasploit
  • Ability to perform manual penetration testing of web applications and REST APIs (black-box and grey-box)
  • Good understanding of authentication, authorization, encryption (TLS, hashing, JWT), and secure coding principles
  • Ability to write clear, actionable security audit reports in English
  • Strong analytical and problem-solving skills, ownership mindset

Nice to have

  • Security certifications such as CEH, eJPT, eWPT, OSCP, or CompTIA Security+
  • CTF participation, bug bounty experience, or public CVE disclosures
  • Experience with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes)
  • Knowledge of DevSecOps and CI/CD security integration (SAST, DAST, SCA tools)
  • Familiarity with mobile application security testing (iOS / Android)
  • Scripting skills in Python or Bash for security automation
  • Experience working in an outsourcing / ODC model with international clients

What we offer

  • 13th-month salary, salary review twice/year and project bonus
  • Bonus programs for candidate referral, technical article writing
  • Allowance for sickness, maternity, paternity and periodic health examination
  • PVI health care program
  • The staff of the quarter and year reward
  • A professional English-speaking working environment with Agile – Scrum model
  • Hybrid Working Model: Flexible working time and WFH support
  • Annual company trip and regular team-building parties, party celebration (Christmas, Birthday, Mid-autumn,...), Sports clubs (football, badminton, swimming …)
  • Sponsor examination fee for professional certificates (AWS, Azure, IELTS, PMP, Scrum Master,...)
  • Sponsor fee for joining any technical training sessions and courses
  • Free English workshops
Saigon Technology - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Security Engineer / Penetration Tester

8 matching positions

Application Penetration Tester

We are looking for security engineer who loves solving interesting problems and ...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5 years of combined experience in penetration testing and security engineering roles
  • Professional certifications such as OSCP, CEH, CISSP, CISM, or equivalent
  • Advanced level of understanding of OWASP Top 10, CVE, general security controls, and other foundational topics such as the latest web application system exploits
  • Attacker mindset for breaking the websites with practical knowledge of OWASP
  • Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking
  • Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables
  • In depth experience with common automated VAPT tools such as Nessus, Burp Suite
  • Proficiency with other common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc.
  • Working knowledge of DevSecOps, CIS Security benchmarks, scripting languages (Python, PowerShell, Bash) for automation
  • Fluent English (both verbal and written)
Job Responsibility
Job Responsibility
  • Black-box and Grey Box penetration test applications
  • Security testing including reverse engineering of Mobile applications (Android and iOS)
  • Create innovative attacks tools/automations for project specific needs
  • Communicate complex vulnerability results to technical and non-technical audience
  • Perform research and contribute to open-source community on new attack methodology, vulnerability findings
  • Scope penetration tests and contribute to penetration test project management
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Number of benefits for families (for instance summer camps for kids)
  • Non-working day on the 31st of December
  • Fulltime
Read More
Arrow Right

Senior Penetration Tester

As a Penetration Tester, you'll conduct regular, comprehensive security assessme...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years' experience in one or more of the following areas: Penetration Tester, Red/Purple Team Member, Security Engineer
  • Knowledge of technologies up to system level (web frameworks, communications protocols, database systems)
  • Offensive security knowledge of cyber-attack techniques, vulnerabilities, and mitigation strategies
  • Knowledge of penetration testing tools, frameworks, and methodology
  • Skills using Kali Linux, Nmap, PowerShell, Metasploit, Cobalt Strike, OWASP ZAP, Burp Suite
  • Proficiency in scripting
  • Awareness of frameworks such as MITRE ATT&CK and NIST and how they can be applied effectively within an enterprise
  • Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation and security trends
  • Cyber security qualifications from Offensive Security, SANS, Pentester Academy, CREST, eLearnSecurity or others
Job Responsibility
Job Responsibility
  • Scoping and executing of complex penetrations test across a wide scope of technologies, products, services, and applications and critical infrastructure companies
  • Helping the team to define and improve the internal security testing programme
  • Documenting technical issues both Cyber and IT related during testing assessments
  • Improve our monitoring services by working in purple style exercises and operating in a red team capacity to improve the ability to detect and respond to threats
  • Supporting incident response by providing context and expertise around cyber threats
  • Mentor to our junior & medior colleagues
What we offer
What we offer
  • Extensive career development opportunities, both local and international
  • Part of a dynamic network of 56,000 professionals at all stages of their careers
  • Wide array of offices to explore
  • Fulltime
Read More
Arrow Right

Product Security Engineer

Join Airtable as a Product Security Engineer and play a pivotal role in shaping ...
Location
Location
United States , San Francisco; Seattle; New York City; Los Angeles
Salary
Salary:
170000.00 - 277000.00 USD / Year
airtable.com Logo
Airtable
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years experience in product security and application security
  • Experience shipping production code
  • Skilled at conducting in-depth security reviews and collaborating with engineering teams
  • Proficient in writing clean, maintainable code
  • Hands-on experience with AI product security for LLM-powered products
  • Strong communicator and collaborator, able to drive security initiatives
  • Comfortable making systems as well as breaking them
  • Familiar with JavaScript or TypeScript, Node, Linux, and AWS or comparable technologies
  • Comfortable working in a fast-paced environment and contributing to long-term security strategy
Job Responsibility
Job Responsibility
  • Partner with product teams to review product plans, designs, and code for security considerations
  • Lead and implement programs that raise the bar for application and product security
  • Build and ship frameworks that make it easy for product engineers to ship secure code
  • Triage and drive remediation for findings from external penetration testers
  • Research emerging threats and evolving best practices, especially in AI and LLM safety
  • Work with advisors and third party vendors on penetration tests, security reports and compliance projects
  • Contribute to roadmaps, metrics and strategic planning for the product security team
What we offer
What we offer
  • Benefits
  • Restricted stock units
  • Incentive compensation
  • Fulltime
Read More
Arrow Right

Cloud Security Test Engineer

This role involves designing and executing complex penetration tests against clo...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • B.E / B.Tech / M.Tech / MCA in Computer Science or Information Technology
  • Minimum of 2 to 6 years penetration testing, with a strong focus on cloud environments
  • In-depth understanding of cloud technologies (AWS, Azure, GCP) and their security implications
  • Proficiency in advanced penetration testing tools and techniques, such as Burp, ZAP, Metasploit, Cobalt Strike, and PowerSploit
  • Experience with container technologies (Docker, Kubernetes) and serverless architectures
  • Strong scripting skills (Python, PowerShell) for automation and custom tool development
  • Experience with security orchestration, automation, and response (SOAR) platforms
  • Active security certifications such as OSCP, CSSLP or related is strongly desired
  • Ability to work well under minimal supervision
  • Requires strong interpersonal, organizational, written and verbal communication skills
Job Responsibility
Job Responsibility
  • Design and execute complex penetration tests against cloud-native applications, infrastructure, and data stores
  • Exploit vulnerabilities in cloud platforms, such as AWS, Azure, and GCP, using advanced techniques and tools
  • Assess the security posture of cloud-native applications, microservices, and serverless architectures
  • Develop and execute attack scenarios that simulate real-world threats, including supply chain attacks, privilege escalation, and lateral movement
  • Lead and mentor a team of experienced penetration testers, providing guidance and support on advanced techniques and tools
  • Assign tasks, review deliverables, and ensure project timelines are met
  • Develop and maintain standard operating procedures for complex penetration testing activities
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Cloud Automation Test Engineer

This role involves designing and executing complex penetration tests against clo...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must have B.E / B.Tech / M.Tech / MCA in Computer Science or Information Technology
  • Must have a minimum of 2 to 6 years penetration testing, with a strong focus on cloud environments
  • In-depth understanding of cloud technologies (AWS, Azure, GCP) and their security implications
  • Proficiency in advanced penetration testing tools and techniques, such as Burp, ZAP, Metasploit, Cobalt Strike, and PowerSploit
  • Experience with container technologies (Docker, Kubernetes) and serverless architectures
  • Strong scripting skills (Python, PowerShell) for automation and custom tool development
  • Experience with security orchestration, automation, and response (SOAR) platforms
  • Active security certifications such as OSCP, CSSLP or related is strongly desired
  • Ability to work well under minimal supervision
  • Requires strong interpersonal, organizational, written and verbal communication skills
Job Responsibility
Job Responsibility
  • Design and execute complex penetration tests against cloud-native applications, infrastructure, and data stores
  • Exploit vulnerabilities in cloud platforms, such as AWS, Azure, and GCP, using advanced techniques and tools
  • Assess the security posture of cloud-native applications, microservices, and serverless architectures
  • Develop and execute attack scenarios that simulate real-world threats, including supply chain attacks, privilege escalation, and lateral movement
  • Lead and mentor a team of experienced penetration testers, providing guidance and support on advanced techniques and tools
  • Assign tasks, review deliverables, and ensure project timelines are met
  • Develop and maintain standard operating procedures for complex penetration testing activities
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Automated Security Testing Engineer

We are looking for an experienced Security Testing Engineer to join our cybersec...
Location
Location
Salary
Salary:
Not provided
itransition.com Logo
Itransition
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3–5 years of experience in security testing and penetration testing
  • Required Certification (one of the following): CREST Practitioner Security Analyst (CPSA), CREST Registered Penetration Tester (CRT), CREST Certified Tester (CCT), Offensive Security Certified Professional (OSCP)
  • Experience testing web, mobile, and desktop applications
  • Strong understanding of application security and common vulnerabilities (OWASP Top 10)
  • Ability to produce clear, structured security documentation and reports
  • Strong analytical and problem-solving skills
  • English skills should be sufficient for taking part in conversations on the technical aspects of projects
Job Responsibility
Job Responsibility
  • Conduct penetration testing and vulnerability assessments for web, mobile, and desktop applications
  • Identify security vulnerabilities and provide clear remediation recommendations
  • Develop and maintain security testing strategies and methodologies
  • Prepare technical documentation and security reports for stakeholders
  • Collaborate with engineering and development teams to address security issues and improve system resilience
What we offer
What we offer
  • Projects for such clients as PayPal, Wargaming, Xerox, Philips, Adidas and Toyota
  • Competitive compensation that depends on your qualification and skills
  • Career development system with clear skill qualifications
  • Flexible working hours aligned to your schedule
  • Options to work remotely
  • Corporate medical insurance covering services of private and public medical centers
  • English courses online
  • Corporate parties and events for employees and their children
  • Internal conferences, workshops and meetups for learning and experience sharing
  • Gym membership compensation
Read More
Arrow Right

Penetration Tester

Do you want to help secure some of Microsoft’s most critical and high‑impact onl...
Location
Location
United States , Redmond
Salary
Salary:
84200.00 - 165200.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field OR equivalent experience.
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years’ experience in security or related field OR equivalent experience.
  • Experience with one or more of the following is a plus: Penetration testing
  • Vulnerability research
  • Scripting/automation
  • Threat Hunting
  • Detection Engineering
Job Responsibility
Job Responsibility
  • Identify security vulnerabilities and variants across critical cloud services.
  • Perform source code reviews, dynamic analysis, and operational security assessments.
  • Validate software quality and adherence to security development practices.
  • Work with engineering and defense teams to improve detection, response, and operational awareness.
  • Contribute to static and runtime analysis capabilities to detect software security issues.
  • Help design automated analysis workflows for managed code and modern web services.
  • Explore and prototype automation that improves consistency, speed, and depth of security assessments.
  • Stay current on offensive security tactics, penetration testing tools, and defensive techniques.
  • Conduct research that supports training and awareness for internal engineering teams.
  • Support innovation efforts across MSC Security, including tooling, methodology improvements, and knowledge sharing.
  • Fulltime
Read More
Arrow Right

Information Security Analyst

The SOC Analyst will be responsible for day-to-day security threats, vulnerabili...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
apexclearing.com Logo
Apex Clearing
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • The permanent right to live and work in the United Kingdom - this job is based in Belfast, Northern Ireland
  • Bachelor’s degree in a related field (Security, Forensics, Cyber Security, or Computer Science is preferred) or equivalent industry related experience
  • At least 2 years' experience working within an information security / cyber security role
  • Desirable | Proven experience as a security analyst, incident handler/responder, security engineer, or penetration tester
  • Knowledge of security methodologies, processes (i.e., Cyber Kill Chain/Diamond Models, and the MITRE ATT&CK/D3FEND framework)
  • Knowledge of technical security solutions (such as but not limited to firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, EDR, DLP, SOAR, proxies, network behavioural analytics, orchestration, automation and cloud security)
  • Deep knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS and HTTP Protocols, network analysis, and network/security applications and email security
  • Good knowledge of common malware threats and attack methodologies
  • Basic knowledge of scripting languages and programming languages (PowerShell, Python, Bash, .NET, Ruby,Java, C, etc.)
  • Desirable Professional Certifications: GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CySA+
Job Responsibility
Job Responsibility
  • Monitor, analyse, investigate security incidents and events using various tools and technologies including SIEM, UEBA, Threat Intel and EDR
  • Perform security incident and event correlation, analysis, triage using information gathered from a variety of sources within the enterprise
  • Generate reports, dashboards, and presentations from security technologies
  • Able to participate in an on-call rotation and provide Tier 1 & Tier 2 support
  • Provide analysis of trending security data from a large number of heterogeneous security devices across different layers
  • Provide Incident Response (IR) support when analysis confirms an actionable incident
  • Communicate and collaborate with stakeholders, including internal customers and senior management to provide updates on security incidents and to ensure proper resolution
  • Investigate, document, and report on information security threats and emerging trends
  • Integrate technologies and share information with SOC analysts and external teams
  • Participate in internal projects and initiatives to increase SOC efficiency and improve SOC tooling
What we offer
What we offer
  • 28 days annual leave plus 10 NI national holidays
  • Pension matched up to 7%
  • Private health insurance for medical and dental
  • Life Insurance
  • Great work/life balance and flexible working hours
  • Monthly catered lunches
  • Unlimited drinks and snacks
  • Charitable matching gift program
  • Annual bonus
  • Training and development budget
  • Fulltime
Read More
Arrow Right