The ASC provides the following services to our clients:

• Web, Web services, mobile and thick client penetration testing

• Internal/External network penetration testing

• Red Team/Purple Team assessments

• Social Engineering assessments

• Application Security consulting and secure code review

• Wireless assessments

• Vulnerability assessments

• Security configuration reviews 

Our mission is to provide long-term careers for security testers, not just a job. Our team is structured to allow you to grow in your role and progress your career. 

What you’ll do: 

• Lead and manage technical cybersecurity testing engagements end to end (web applications, mobile applications (Android and iOS), web services, API, network, thick client, external/internal network penetration testing)

• Work effectively as a self-managed team member, share responsibility, provide support, maintain communication and update management on engagement process

• Supervise and provide coaching and training to junior team members

• Prepare client reports and presentations to an exceptional standard

• Excellent communication skills and be able to present technical findings to technical team (as and when required)

• Manage and develop client stakeholder relationships

• Research the latest security best practices and stay abreast of new threats and vulnerabilities and share these with the team

• Contribute to internal research and development projects to help build custom red team tools

• Contribute and/or lead and drive cyber security staff recruitment, retention and development activities

• Execute and contribute to the ASC strategy and vision to build the strongest and most diverse team within security testing market. 

On your first day, we'd love for you to have: 

• A minimum of 4+ years cybersecurity experience majority of it being penetration testing or application security experience beyond automated tools.

• Strong project management, negotiation and interpersonal skills.

• A commitment to build and grow your technical cybersecurity career to the next level.

• Experience in web and mobile application security testing and specialisation in one other domain would be favourable (thick application or internal/external network)

• Demonstrable proficiency of at least 2 following security assessment methodologies:

  • Web, Web services, mobile and thick client penetration testing

  • Internal/External network penetration testing

  • Application Security consulting and secure code review

  • Wireless assessments

  • Social engineering/red team assessments

• Demonstrable technical understanding of at least 2 of following domains:

  • Common web technologies and frameworks

  • Application architecture

  • Cloud computing

  • Networking and Network protocols

  • DevOps methodology and pipelines 

It's great, but not required, if you have: 

• Relevant (or be willing to pursue) professional certifications such as OSCP, SANS, CREST, CISSP etc.

• A Bachelors and/or post graduate degree in computer science, information systems, engineering, or a related major is advantageous.

• The ability to translate technical jargon to non-technical people

• A methodical approach to attack and penetration testing (above running automated tools)

• Technical security operations or software development experience