Security Penetration Tester

Our mission and where you fit inAt Employment Hero, we’re an ambitious bunch on a mission to make employment easier and more valuable for everyone. Since our inception in 2014 we've had some pretty impressive growth (100% YoY), now serving 300,000 businesses globally, with 2 million+ users on the platform, reaching unicorn status in 2022 - and we have no plans to slow down. There’s never been a more exciting time to join one of the fastest-growing SaaS unicorns, so let’s see if we could be a match!What your days might look likeThe Security Penetration Tester at Employment Hero is essential in safeguarding sensitive data and ensuring the security of the company’s systems. This role involves proactively identifying, testing, and mitigating security vulnerabilities across applications and infrastructure and is crucial to the success of our mission. By feeding insights back into the development lifecycle, the Security Penetration Tester will help strengthen Employment Hero's defences and plays a pivotal role in supporting the continuous improvement of the Employment Hero’s security strategy.This role can be based remotely in Vietnam. Candidates should have full working rights in the country.As our Security Penetration Tester, you will: Conduct penetration testing on web applications, networks, mobile platforms, and cloud environments Simulate real-world cyberattacks, including vulnerability assessments, social engineering, and physical security evaluations Identify, analyse, and document security vulnerabilities and recommend mitigation strategies Work closely with IT teams, engineers, and management to implement security measures and close gaps Stay updated on the latest cybersecurity trends, attack techniques, and security tools Prepare detailed reports that clearly communicate findings, risks, and remediation plans to both technical and non-technical stakeholders Participate in red team exercises, security audits, and incident response simulations Identify gaps in people, processes, and technologies Vulnerability research on certain high-value applications or systems Develop proof-of-concept exploits to demonstrate how vulnerabilities can be exploited  You will bring: A minimum of 3 years’ experience in a penetration testing environment Possessing OSCP is a must, with other offensive security certificates highly favourable Strong communication and presentation skills In-depth knowledge of common offensive security tools (Burp Suite, Cobalt Strike, Metasploit) Strong consultative skills, enabling effective communication of complex concepts to both technical and non technical audiences Meticulous attention to detail A strong desire to learn and expand knowledge in the field of information security  Experience is important, but for us the biggest measure of success is people who can live and breathe The EH Way of working. Show us what you can bring to the table, and we’ll empower you to let your talents shine.The EH WayThe EH Way is how we describe our culture at Employment Hero and how we all operate. It is our DNA. You can read all about it on our careers page: ;In short, you’ll love working with us if: Revolutionising employment gets your heart racing. You thrive on the flexibility (and responsibility) of a remote-first business. Our values align, and shape how you show up every day. You love the dynamic pace of a startup, are driven by innovation, and enjoy working with other smart people Are we a match? Think we're the right match for you? Fantastic! Click 'Apply' and our talent team will reach out with the next steps.At Employment Hero, we are committed to safeguarding the privacy of your application data. To understand how we do so, you can read our Applicant Privacy Policy here: Employment Hero celebrates diverse perspectives and experiences, we invite people of all backgrounds and identities to apply for this position.