Back to jobs
New

Penetration Tester

Kuala Lumpur, Malaysia

Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company’s DNA, shaping its technological capabilities to defend businesses, citizens, and support law enforcement operations.

Group-IB’s Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities.

 

ABOUT THE ROLE

As a Penetration Tester, you will be a key player in expanding our cyber security activities across the APAC market. Your primary responsibility will be to assess the security posture of organizations, identifying and mitigating potential risks and vulnerabilities. By utilizing your expertise in identifying weaknesses and recommending effective security measures, you will contribute significantly to ensuring the safety and integrity of our clients' systems and data.

 

YOUR MISSION

  • Conduct external and internal vulnerability assessments
  • Engage in external and internal penetration testing
  • Raise awareness through social engineering phishing campaigns
  • Internal research and development

 

WHAT WE ARE LOOKING FOR

  • Bachelor’s Degree in Computer Science, Cybersecurity or related field (or equivalent work experience)
  • 3 - 5 years of experience in Penetration Testing. Previous experience as a System administrator/network engineer background is advantageous;
  • Knowledge on network protocols
  • Knowledge of common network attacks and vulnerabilities
  • Knowledge of common web vulnerabilities and exploitation (with focus on remote code execution)
  • Knowledge and experience in working with OSINT skills
  • Knowledge of Active Directory (AD) structure and security principles
  • Familiar with common Active Directory (AD) privilege escalation methods
  • Proficient in scripting in one of the following languages: bash, Powershell, Python

 

WHAT SETS YOU APART

  • Basic knowledge on Microsoft Azure cloud platform
  • Basic knowledge on binary exploitation, reverse engineering
  • Basic knowledge on Anti-Virus and EDR evasion
  • Basic knowledge on contemporary spear phishing techniques
  • Active participation and success in bug bounty programs
  • Experience in Capture The Flag (CTF) is a plus
  • Certification in OSCP or any relevant practical certification
  • Previous discoveries of Common Vulnerabilities and Exposures (CVE) identifiers

 

WHY CHOOSE GROUP-IB

Group-IB is a global leader in cybersecurity technologies that investigate, predict, prevent, and fight digital crime. We help organizations reduce risk and protect trust. Trusted by governments, major industries, and law enforcement, we deliver adversary-focused, predictive threat intelligence and cyber fraud fusion solutions that detect, analyse, and mitigate regional and country-specific digital crimes.

  • Work with real stakes. Group-IB investigates active cybercriminal groups, responds to breaches affecting critical infrastructure, and develops technologies used by law enforcement agencies including INTERPOL, Europol, and Afripol across 60+ countries. We've conducted 1,550+ cybercrime investigations alongside 600+ enterprise customers globally. When you join Group-IB, your work directly disrupts digital crime.
  • Grow your way. Choose your own path: deepen your craft as a technical expert, step into leadership, move across to another team, or relocate to one of our Digital Crime Resistance Centers across the Americas, Europe, the Middle East & Africa, Central Asia, and the Asia-Pacific. Your growth is our growth — Group-IB's expansion across 60+ active country operations means real career acceleration.
  • We fund professional certifications at company expense — whether you're pursuing CEH, CISSP, OSCP, or specialized certifications in forensics and penetration testing. You don't have to choose between doing the job and advancing your credentials.
  • Work alongside industry leaders. Our Unified Risk Platform — Threat Intelligence, Digital Risk Protection, Attack Surface Management, Managed XDR, and more — is recognized by Gartner, Forrester, KuppingerCole, and Datos Insights. Frost & Sullivan named us a 2025 Global Technology Innovation Leader. When you work here, you're building technologies that set the industry standard.
  • Real challenges, real expertise. You'll take on complex, real-world problems alongside adversary-centric researchers and incident response experts spread across six continents. We've built 21+ years of proprietary telemetry through 1,500+ joint investigations. No two threats look alike — and neither do the skills you'll develop.
  • A team that is genuinely international. Our people come from different countries, speak different languages, and bring different perspectives. What connects us is a shared mission: fighting cybercrime and making the world safer. We care about your wellbeing and happiness as much as your output.

Apply for this job

*

indicates a required field

Resume/CV

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf