job details

about the company.

Our client is a major enterprise technology solutions and cloud services provider with a dominant market presence in Hong Kong. Known for its extensive digital infrastructure and robust digital transformation capabilities, the company handles critical data, connectivity, and enterprise-grade assets for millions of users and corporate customers. The cybersecurity division is a central pillar of its operations, dedicated to pioneering defensive and offensive strategies that safeguard next-generation enterprise platforms, cloud environments, and mobile applications against evolving threats.

about the job. ...

Scope, plan, and deliver manual penetration tests on enterprise systems, commercial network infrastructures, and mobile applications to identify potential vulnerabilities.
Execute specialized security assessments focused specifically on mobile application environments and their underlying integrations.
Deliver detailed technical reports outlining exploit paths, business risk analysis, and actionable remediation strategies for internal engineering teams.
Keep abreast of the latest threat intelligence, zero-day vulnerabilities, and offensive security methodologies to uplift the organization's overall defense posture.

skills & experiences required.

Atleast 4 years of professional IT experience directly related to IT security.
Must possess a minimum of two (2) years of hands-on experience in delivering IT projects focused on manual penetration tests for systems featuring mobile applications.
Must hold at least one (1) recognized cybersecurity certification from the list below:

Offensive Security: OSCP or OSCE.
CREST: CRT (Registered Penetration Tester), CCT APP (Certified Web Applications Tester), CCSAS (Certified Simulated Attack Specialist), or CCSAM (Certified Simulated Attack Manager).
GIAC: GWAPT, GPEN, or GXPN.
Regional Certifications: CISP-PTE (CNITSEC), Certificate of Occupational Skill Level – Level 3 or above in Penetration Testing (CECC), or NSATP-A (ITSTEC).

Exceptional problem-solving abilities with a proven track record of thinking like an attacker to secure complex environments.
Good command of spoken and written English and Chinese to articulate technical risks effectively to diverse stakeholders.

If you are interested in this role, please click 'Apply Now' or send your CV directly to russell.regalado@randstad.com.hk

about the company.

Our client is a major enterprise technology solutions and cloud services provider with a dominant market presence in Hong Kong. Known for its extensive digital infrastructure and robust digital transformation capabilities, the company handles critical data, connectivity, and enterprise-grade assets for millions of users and corporate customers. The cybersecurity division is a central pillar of its operations, dedicated to pioneering defensive and offensive strategies that safeguard next-generation enterprise platforms, cloud environments, and mobile applications against evolving threats.

about the job. ...

Scope, plan, and deliver manual penetration tests on enterprise systems, commercial network infrastructures, and mobile applications to identify potential vulnerabilities.
Execute specialized security assessments focused specifically on mobile application environments and their underlying integrations.
Deliver detailed technical reports outlining exploit paths, business risk analysis, and actionable remediation strategies for internal engineering teams.
Keep abreast of the latest threat intelligence, zero-day vulnerabilities, and offensive security methodologies to uplift the organization's overall defense posture.

skills & experiences required.

Atleast 4 years of professional IT experience directly related to IT security.
Must possess a minimum of two (2) years of hands-on experience in delivering IT projects focused on manual penetration tests for systems featuring mobile applications.
Must hold at least one (1) recognized cybersecurity certification from the list below:

Offensive Security: OSCP or OSCE.
CREST: CRT (Registered Penetration Tester), CCT APP (Certified Web Applications Tester), CCSAS (Certified Simulated Attack Specialist), or CCSAM (Certified Simulated Attack Manager).
GIAC: GWAPT, GPEN, or GXPN.
Regional Certifications: CISP-PTE (CNITSEC), Certificate of Occupational Skill Level – Level 3 or above in Penetration Testing (CECC), or NSATP-A (ITSTEC).

Exceptional problem-solving abilities with a proven track record of thinking like an attacker to secure complex environments.
Good command of spoken and written English and Chinese to articulate technical risks effectively to diverse stakeholders.

If you are interested in this role, please click 'Apply Now' or send your CV directly to russell.regalado@randstad.com.hk

summary

speed up the application by sharing your profile

apply with randstad.
Applying with us is easy. We will review your application and see if you are a good fit for the job and the company.
we’ll give you a call.
Our consultant will call you to discuss your application and further career aspirations if you're suitable for a role.
getting you registered.
If you’ve never worked with us before, we’ll need some basic additional pieces of information to confirm your eligibility to work in Hong Kong SAR.
compliance check.
Next, we just need to verify a few things - we’ll make the relevant compliance checks and keep you posted.
reference and background check.
As part of the process in ensuring you’re perfect for the role, we’ll make contact with any relevant references you’ve provided.
the perfect job for you.
Our expert team will either arrange an interview for the role you’ve applied for, or if they believe there’s a better opportunity, they’ll suggest alternative options too.
the interview.
If a job which you have applied for requires an interview, we will ensure you are fully prepared and know exactly what to expect - good luck!
start your new job.
Congratulations, you’re ready to begin your new job. The team will ensure that you’re fully prepared for your first day.