Penetration Tester

Provide guidance on Secure Coding Practices to development teams.
Perform penetration testing and security assessments on Cloud Services (AWS, GCP).
Participate in security architecture reviews and risk assessments.
Conduct Mobile Application Security Testing for Android and iOS platforms.
Collaborate closely with Backend, DevOps, Cloud, and QA teams to ensure remediation and secure system architectures.
Research new vulnerabilities (including potential 0‑days) and support CVE registration when applicable.
Perform Web Application and API penetration testing based on OWASP Top 10 and industry best practices.
Utilize scripting skills (Python, Go, Bash, etc.) to automate testing tasks and improve security workflows.
Perform manual penetration testing on web- based enterprise systems and prepare detailed security reports.
Develop Proof‑of‑Concept (PoC) exploits for identified vulnerabilities, including CVE- level issues.
Analyze and validate True/False Positive results from SAST, DAST, and SCA security tools.

[Required]

Experience with Mobile Application penetration testing (Android/iOS).
Basic knowledge of security technologies such as Firewall, VPN, IPS/IDS, EDR.
Experience working with SAST, DAST, and SCA tools and validating their findings.
Ability to develop PoCs and exploit known vulnerabilities (CVE- level experience preferred).
English communication skills sufficient for team collaboration.
Hands- on experience in Application Security or Penetration Testing.
Certifications such as OSCP, CEH (strongly preferred).
Strong understanding of OWASP Top 10 and secure application development principles.
Understanding of IT infrastructure fundamentals (Network, WAS, DB, OS, etc.).
Solid analytical, documentation, and communication skills.
Bachelor’s degree in Computer Science, Information Security, Software Engineering, or related field.
Proficiency in scripting languages such as Python, Go, or Bash.

[Preferred]

Hands- on experience with Cloud environments such as AWS or GCP.
Familiarity with DevSecOps, CI/CD security, or security automation.
Experience discovering and registering 0‑day vulnerabilities (CVE assignment).
Award history or strong performance in major CTF competitions.
Experience with threat modeling or security design review.

Outdoor activities with company support: sports clubs, team building, happy hour parties, birthdays, travel, employee and family events, etc.
Topik allowance.
Review capacity annually and adjust salary increases according to work performance.
Good career development opportunities with interesting and challenging projects.
Health care: Premium health insurance, Annual health check- up.
Attractive salary and bonus will be discussed after going through CV & Interview.
English, Korean, technical, soft skills training courses.
Young working environment.
Opportunity to learn special courses from LG CNS, new technology and security.
Gifts on holidays (April 30th- May 1st, September 2nd, Tet, etc.).

Cập nhật gần nhất lúc: 2026-02-28 19:40:02