• Maintain top 10 OWASP checklist & ensuring effectiveness control in Web & Mobile Apps
• Executing Routine Penetration Testing (Security Assessment) & Creating comprehensive report
• Assisting in WAF optimization based on active threat (Managing core ruleset focus in relevant to top 10 OWASP)
• Managing Application Security vulnerabilities & Remediation process
• Conducting Routine Information Security Awareness (Technical aspect & general awareness)
• L2 Security Incident Response & Day to day supporting

• Should have vast experience minimum 2 years in relevant field (IT Security / SOC Engineer / Information Security / DevSecOps, Security Engineering)
• Hands-on / experience with SIEM (Security Incident Event Monitoring) technologies
• Hands-on / experience with WAF, NGFW, Endpoint Security, SAST and other relevant security control
• Strong understanding in web application / mobile apps architecture
• Hands-on / have solid knowledge in CI CD (DevSecOps)
• Hands-on / experience with programming languages (coding skills) (Plus Point)
• Have a strong analytical skill with good communication and interpersonal skills
• Hands-on / experience with automation tools / machine learning technologies (Plus Point)
• Hands-on / experience in penetration testing tools (Burpsuite / Acunetix etc)
• Skills in office tools (excel, presentation, visio or cloud document utility tools

Evermos is committed to providing an inclusive environment where equal opportunities are available to all applicants regardless of race, color, religion, gender, national origin, disability, age, genetic information, marital status, pregnancy, or related condition. We will not tolerate discrimination or harassment based on any of these characteristics.

We also emphasize the importance of diversity in all aspects of employment including recruitment, hiring, promotions, training, and organization operations.