Senior Penetration Tester

Taipei, Taiwan

StraitsX

StraitsX is the payments infrastructure for digital assets in Southeast Asia and issues XSGD, XUSD, and XIDR, the Singapore Dollar, U.S Dollar & Indonesian Rupiah stablecoins.

View all jobs at StraitsX

Apply now Apply later

About the Role
We are looking for a Security Engineer who will support both penetration testing efforts and in-house development of security tooling. The ideal candidate has solid programming experience and a strong foundation in identifying, analyzing, and remediating vulnerabilities across applications, networks, and systems. In addition to testing responsibilities, this role will contribute to the development and maintenance of internal InfoSec tools, and serve as a technical advisor during forensic investigations.

What You Will Do

  • Conduct penetration tests on internal and external systems, applications, and infrastructure.  
  • Develop, improve, and maintain custom security tools for internal use.  
  • Provide technical expertise and guidance during forensic investigations and incident analysis.  
  • Document test results and forensic findings with actionable recommendations.  
  • Collaborate with engineering, infrastructure, and compliance teams to drive security improvements.  
  • Stay informed of current security trends, vulnerabilities, and exploits.

What We Are Looking For

  • Bachelor's or Master's degree in Computer Science, Information Security, or related fields.  
  • Solid programming skills (e.g., Golang, Python, JavaScript, or others).  
  • Proven experience in penetration testing (web, mobile, and/or network).  
  • Certifications such as **OSCP** or **CREST** are mandatory.  
  • Knowledge of security frameworks (e.g., OWASP Top 10, NIST, CIS).  
  • Ability to analyze incidents and provide forensic guidance.  
  • Strong problem-solving and communication skills. 

Nice to Haves

  • Familiarity with Golang is a plus.  
  • Experience in code review, secure coding practices, and threat modeling.  
  • Additional certifications such as OSCE, CEH, or GCIH.  
  • Experience with CI/CD integration for security tools or automated testing.  
  • Exposure to cloud or container security (AWS, GCP, Docker, Kubernetes).  
  • Involvement in CTFs, bug bounties, or open-source security projects.
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  0  0
Category: PenTesting Jobs

Tags: AWS CEH CI/CD Cloud Compliance Computer Science CREST Docker Exploits GCIH GCP Golang JavaScript Kubernetes NIST OSCE OSCP OWASP Pentesting Python Vulnerabilities

Region: Asia/Pacific
Country: Taiwan

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.