Junior MVSS Analyst

Role: Junior Vulnerability Analyst

Location: Taguig City, Metro Manila - Hybrid

Schedule: Night Shift, Hybrid set up - 3 days onsite

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.

We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.

We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference, and we want you to join in our mission, to make the world safer and more secure.

Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business…

https://www.nccgroup.com/uk/

The Opportunity:

This is an exciting opportunity to work in a fun and challenging environment within the Managed Vulnerability Scanning Services team at NCC Group. MVSS uses market leading security testing tools and platforms to provide security testing services for our large client base. You will play a key role in delivering and managing client security programs all year round, as well as building relationships with clients and ensuring that our services are meeting their needs. You will also be given every opportunity to help shape the direction of the department as well as assist with the development of new service lines offered by the company.

Key Accountabilities:

• Running network and web application vulnerability scans
• Manually verifying all vulnerabilities identified in scans
• Manual testing of authorization and web interactions
• Develop and deliver reports related to technical security assessments
• Provide support to clients on troublesome vulnerability issues
• Present findings and recommendations to technical and executive audiences

Requirements:

• Familiarity with Web technologies. This includes an understanding of how web clients and servers typically work.
• Familiarity with common web application vulnerabilities.
• Basic knowledge of how to test common web and network protocol vulnerabilities, and how to remediate them.
• Experience of using network and application scanning tools and utilities, such as Nexpose Rapid 7, HP WebInspect, IBM AppScan, Tenable Nessus, Burp, NMAP etc.
• Good interpersonal and communication skills.
• Ability to manage time and tasks independently.
• Ability to communicate with customers in a clear and concise manner.

Desired Skills:

• Degree in Computer Science / Engineering or equivalent experience.
• Hands-on experience leveraging and implementing web application penetration testing techniques and methodology.
• In-depth knowledge of common web application architectures and best-practice security standards.
• Experience identifying, exploiting, and remediating common web application security vulnerabilities such as SQLi, XSS, SSRF, CSRF, and others identified in the OWASP Top 10.
• Exposure to software development and understanding of secure code development.
• A willingness to adapt and passion to learn and grow quickly.
• iOS or Android Penetration testing experience is a plus.

Relevant Professional Certifications (if any):

• Offensive Security Certified Professional (OSCP)
• Offensive Security Web Expert (OSWE)
• Burp Suite Certified Practitioner (BSCP)
• HTB Certified Penetration Testing Specialist (HTB CPTS)
• Crest Registered Tester (CRT)
• CREST Practitioner Security Analyst (CPSA)
• TCM-Sec Mobile Application Penetration Testing
• Certified Mobile and Web Application Penetration Tester (CMWAPT)

Behaviours:

• Focusing on Clients and Customers
• Working as One NCC
• Always Learning
• Being Inclusive and Respectful
• Delivering Brilliantly

About NCC Group

The NCC Group family has over 2,200 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.

We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.

Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative and we embrace difference. We treat everyone and everything with equal respect.

We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.