Eyepax Logo

CAREERS

Cybersecurity Specialist

Cybersecurity Specialist

Experience and Responsibilities:

Penetration Testing Duties: 

• Conduct penetration testing on public-facing web applications, identifying vulnerabilities based on OWASP Top 10 and industry best practices.

• Perform penetration testing on API interfaces (REST, GraphQL, SOAP), identifying authentication and data exposure risks.

• Execute penetration testing on VMs hosted in Azure & AWS with public IP addresses, ensuring secure configurations and resilience against attacks.

• Assess Azure Key Vault and AWS Secrets Manager for misconfigurations, access control weaknesses, and data exposure risks.

• Perform penetration testing on privileged/admin accounts, evaluating authentication mechanisms and privilege escalation risks.

• Test wireless network security (Wi-Fi penetration testing) at designated locations, identifying unauthorized access points and encryption weaknesses.

• Provide detailed reports on vulnerabilities, risk analysis, and remediation steps to development and security teams.

Cybersecurity Specialist Duties: 

• Monitor cloud security postures in Azure and AWS, ensuring proper access controls, IAM policies, and network security groups are in place. 

• Implement and manage Intrusion Detection & Prevention Systems (IDS/IPS) and firewall security rules

• Perform continuous vulnerability scanning and remediation tracking across on-premise and cloud infrastructure. 

• Develop and enforce security policies, procedures, and incident response protocols

• Investigate security incidents, breaches, and anomalies, working with IT teams to mitigate risks. 

• Conduct security awareness training for internal teams on secure development practices and phishing defense. 

• Ensure compliance with ISO 27001, NIST, GDPR, SOC2, and other relevant cybersecurity standards

Skills and Personal Characteristics:

Technical Skills: 

  • 3-5 years of experience in penetration testing, cybersecurity, and cloud security assessments
  • Strong knowledge of penetration testing methodologies (OWASP, NIST, PTES). 
  • Hands-on experience in Azure & AWS security testing, IAM configurations, and cloud penetration testing
  • Proficiency in web application & API security testing (SQL Injection, XSS, CSRF, Broken Authentication, etc.). 
  • Strong understanding of privileged access security and active directory security (Azure AD & AWS IAM). 
  • Experience in wireless penetration testing, including WPA2/WPA3 assessments and rogue access point detection. 
  • Familiarity with penetration testing tools, such as: 
    • Burp Suite, OWASP ZAP 
    • Nmap, Nessus, OpenVAS 
    • Metasploit, SQLmap 
    • Wireshark, Aircrack-ng 
    • AWS Inspector, Azure Security Center 
  • Scripting proficiency in Python, PowerShell, Bash for automation and exploit development. 
  • Knowledge of Zero Trust security principles, IAM best practices, and endpoint security solutions

Soft Skills: 

• Strong analytical and problem-solving skills. 

• Ability to effectively communicate security vulnerabilities to technical and non-technical stakeholders. 

• Strong documentation and report writing skills, including detailed penetration testing reports. 

• Ability to work independently and collaboratively with security, IT, and development teams. 

Preferred Qualifications: 

  • Industry-recognized certifications (one or more preferred): 
    • OSCP (Offensive Security Certified Professional) 
    • CISSP (Certified Information Systems Security Professional) 
    • CEH (Certified Ethical Hacker) 
    • GWAPT (GIAC Web Application Penetration Tester) 
    • GPEN (GIAC Penetration Tester) 
    • AZ-500 (Microsoft Azure Security Engineer) 
    • AWS Certified Security – Specialty 

• Experience with threat intelligence, SIEM solutions, and red/blue team exercises is a plus. 

• Previous experience working with SOC teams and incident response

If this role excites you and sounds like a great fit, please apply now!

Skills

If this role excites you and sounds like a great fit, please apply now!

Full Time

Employment type

Colombo, Sri LankaHo Chi Minh, Vietnam

[email protected]

Contact email

Cybersecurity Specialist

Expedia

“Eyepax has supported Expedia’s Production teams in APAC since 2008. During this time the team has demonstrated excellent professionalism and technical competence. I would like to thank Eyepax for their support and look forward to continuing our relationship with them.”

MABI

“I have had the pleasure to work with Eyepax on our journey in getting MABI’s car rental operations into the Amadeus Global travel platform. I have been impressed by their Project Management as well as their agile software development approach. We are now Globally visible and its been an exciting journey. I look forward to our next project together.”

Mekonomen Group

“Mekonomen Group is the leading automotive spare-parts chain in the Nordic region, with proprietary wholesale operations, 350 stores and 2,300 workshops operating under the Mekonomen brands. Our business expansion with the Nordic markets ( Sweden, Norway, Denmark, Finland) is underpinned by an aggressive growth strategy that requires an IT partner that can provide reliable and scalable solutions on time and every time.

Finding a company that can deliver upon that expectation continuously is a real challenge. We have been working with Eyepax for a little over two years and find that Eyepax continues providing quality IT solutions, embodied by highly personalised service, meeting our expectations and beyond. This has been an unparalleled and refreshing experience and we are looking forward to our continued relationship.”