TopSOC Information Security Limited
TopSOC is a startup focusing on cyber security services especially on managed security services. Our major project is SOCaaS for SMEs which was the second runner up for the 10th China Innovation and Entrepreneurship Competition (Guangdong Area) of Hong Kong, Macau and Taiwan in 2021. We are based in Macau with offices in HK and Hengqin and we are growing our customers in HK this year.
We are now looking for a smart, innovative and energetic graduate to grow with us and to provide high quality SOC and security services. If you are interested to join us, please send your details to hr@topsoc.com.mo.
Senior Security Engineer
Ref: SSE2501
About the Role:
We seek a motivated Security Consultant or Senior Security Engineer with 1+ years of hands-on penetration testing experience to join our team. This role is ideal for professionals passionate about identifying vulnerabilities, securing systems, and advising stakeholders. The position balances technical execution (Engineer) and client-facing consulting (Consultant), depending on candidate expertise.
Responsibilities:
• Penetration Testing: Conduct tests across web apps, mobile, APIs, cloud (Alibaba Cloud/AWS/Azure), and network infrastructure using tools like Burp Suite, Metasploit, and Nmap. Prefer to have experience on writing Cybersecurity law reports.
• Vulnerability Management: Perform assessments, prioritize risks, and deliver actionable reports with remediation steps.
• Consulting/Client Interaction (Consultant Focus): Advise clients on security best practices, present findings, and design tailored solutions.
• Security Architecture (Engineer Focus): Collaborate on secure system designs, mentor junior staff, and lead security assessment exercises.
• Threat Intelligence: Stay updated on emerging threats and integrate findings into testing methodologies.
• Support Malware analysis and forensics
• 24*7 on call support
• Deploy Firewall and security solutions
• Perform the tasks requested by the company
Requirements:
• BSc in Computing or Cybersecurity, or related field (or equivalent experience).
• Knowledge on OS, network and security technologies
• 3 years cyber security experience with 1+ years of hands-on penetration testing experience (e.g., web, mobile, network).
• Proficiency in tools: Burp Suite, Metasploit, Nmap, Kali Linux, and vulnerability scanners.
• Knowledge of OWASP Top 10, MITRE ATT&CK, and compliance standards (ISO 27001, NIST).
• Scripting skills (Python/Bash/PowerShell) for automating tasks.
• Certifications: OSCP, CEH, or similar (or progress toward them).
• Leadership experience in security projects or mentoring.
• Certifications: CISSP, CISM, or cloud-specific (ACP Security).
• Advanced certs (OSCE, GPEN, CISSP).
• Proactive and willing to work hard
• Creative and willing to learn
