Penetration Tester, Web/Mobile Apps And Cloud Services

About Us:

Headquartered in the United States, TP-Link Systems Inc. is a global provider of reliable networking devices and smart home products, consistently ranked as the world's top provider of Wi-Fi devices. The company is committed to delivering innovative products that enhance people's lives through faster, more reliable connectivity. With a commitment to excellence, TP-Link Systems serves customers in over 170 countries and continues to grow its global footprint.

We believe technology changes the world for the better! At TP-Link Systems Inc, we are committed to crafting dependable, high-performance products to connect users worldwide with the wonders of technology.

Embracing professionalism, innovation, excellence, and simplicity, we aim to assist our clients in achieving remarkable global performance and enable consumers to enjoy a seamless, effortless lifestyle.

Overview:

TP-Link Systems Inc. is seeking a skilled and proactive Penetration Tester, Web/Mobile Apps and Cloud Services to support our cloud service projects under the guidance of senior team members. This role is designed for candidates with a foundational technical background in cybersecurity, particularly in cloud environments. Under the mentorship of senior engineers, the successful candidate will be involved in a range of security activities for specific cloud service components, including penetration testing, threat modeling and security assessment for defined modules, contributing to investigation, risk assessment and verification for incident response.

The ideal candidate is eager to learn, capable of working within defined boundaries, and driven to enhance the security of TP-Link's cloud services while developing deeper expertise in cloud security practices.

Key Responsibilities:

• Penetration Testing: Perform penetration testing on cloud services, web applications, and APIs to identify vulnerabilities. Provide remediation recommendations and write detailed penetration test reports.
• Threat Modelling and security assessment: Perform threat modeling to identify and evaluate potential risks for specific cloud components and web applications.
• Incident Response and Vulnerability Management: Support cloud and web application incident response, including investigation, containment, remediation, and post-incident analysis. Coordinate with cross-functional teams to ensure effective resolution.
• Cloud security configuration: Analyze cloud security configurations and identify misconfigurations that could lead to vulnerabilities.
• Develop security tools: Assist in developing various pen-testing tools, automated testing platforms, and scripts to enhance testing efficiency and accuracy for cloud environments.
• CI/CD Security Integration: Participate in the development and improvement of the company's CI/CD security processes, ensuring security considerations are integrated throughout the development lifecycle.
• Interpret cloud security standards and regulatory requirements, supporting implementation of security requirements.