Thales is a global technology leader trusted by governments, institutions, and enterprises to tackle their most demanding challenges. From quantum applications and artificial intelligence to cybersecurity and 6G innovation, our solutions empower critical decisions rooted in human intelligence. Operating at the forefront of aerospace and space, cybersecurity and digital identity, we’re driven by a mission to build a future we can all trust.
Thales has been present in the Republic of Indonesia for 45 years in the defence, aerospace and space domains, delivering a wide range of civil and defence solutions that highlight our strong commitment to working with the Indonesian government and local stakeholders. In recent years, our innovative solutions in air traffic management systems and telecom satellites have further strengthened our presence in the country alongside our digital portfolio of solutions such as biometrics, data protection and cybersecurity now serving the needs of diverse customers in civil sectors.Job Purpose
The Penetration Tester is responsible for identifying security weaknesses through authorized offensive security testing. The role involves conducting penetration tests across web & mobile applications, infrastructure, and networks, validating real-world risks, and providing actionable remediation guidance to improve the organization’s security posture.
Key Responsibilities
Penetration Testing & Security Assessment
- Conduct penetration testing on:
- Web applications
- APIs
- Internal and external networks
- Cloud environments
- Wireless networks (as applicable)
- Perform manual and automated security testing
- Simulate real-world attack scenarios to assess exploitability and impact
- Identify, validate, and exploit vulnerabilities in a controlled and ethical manner
- Participate in red team / purple team exercises (where applicable)
Analysis & Risk Evaluation
- Analyze findings to determine:
- Business impact
- Risk severity
- Likelihood of exploitation
- Map vulnerabilities to industry standards (OWASP, MITRE ATT&CK, CVSS)
- Provide practical, prioritized remediation recommendations
Reporting & Communication
- Produce clear, high-quality deliverables:
- Executive summaries
- Technical vulnerability reports
- Proof-of-concept evidence
- Present findings to technical teams, management, and stakeholders
- Support remediation validation and retesting
Collaboration & Improvement
- Work with development, infrastructure, and security teams to improve security controls
- Contribute to tool development, scripts, and testing methodologies
- Stay current with emerging threats, vulnerabilities, and exploitation techniques
Required Skills & Qualifications:
Education
- Bachelor’s degree in:
- Computer Science
- Information Security
- Information Technology
or equivalent practical experience (at least 2 years of experience as penetration tester)
Technical Skills
- Strong understanding of:
- Networking (TCP/IP, DNS, HTTP/S, VPNs)
- Operating systems (Linux & Windows)
- Web application architecture
- Hands-on experience with vulnerabilities including:
- OWASP Top 10
- Authentication & authorization flaws
- Injection, XSS, CSRF, SSRF
- Misconfigurations and insecure APIs
- Proficiency with penetration testing tools such as:
- Burp Suite
- Nmap
- Metasploit
- Nessus / OpenVAS
- Nikto
- Scripting / automation skills in at least one:
- Python
- Bash
- PowerShell
- JavaScript
Preferred / Nice-to-Have:
- Experience with:
- Familiar with VAPT Framework OWASP WSTG,MSTG, OSSTM, etc.
- Cloud penetration testing (AWS, Azure, GCP)
- Mobile application security (Android / iOS)
- Source code review
- Knowledge of:
- Secure SDLC
- DevSecOps practices
- Industry certifications (one or more preferred):
- OSCP
- eWPT / eWPTX
- GWAPT
- CEH
- Experience in regulated industries (banking, aviation, government, healthcare)
Personal Attributes
- Strong analytical and problem-solving skills
- Ethical mindset and respect for confidentiality
- Excellent written and verbal communication
- Ability to work independently and in teams
- Detail-oriented with a strong sense of responsibility
At Thales, we’re committed to fostering a workplace where respect, trust, collaboration, and passion drive everything we do. Here, you’ll feel empowered to bring your best self, thrive in a supportive culture, and love the work you do. Join us, and be part of a team reimagining technology to create solutions that truly make a difference – for a safer, greener, and more inclusive world.
Thales Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Thales and has not been reviewed or approved by Thales.
-
Retirement Support — Retirement plans with employer contributions and matches, profit sharing, and share purchase opportunities are emphasized across multiple regions. These elements are positioned as competitive components of total rewards.
-
Leave & Time Off Breadth — Generous PTO that increases with tenure, paid holidays, and paid military, maternity, and paternity leave are described. This breadth supports work–life balance across locations.
-
Flexible Benefits — Hybrid work options, flexible schedules, and parental supports such as childcare benefits and leave for sick children are available in several markets. Flexibility is presented as a core part of the employee experience.
Thales Insights
Similar Jobs
What We Do
Thales is a global high technology leader investing in digital and “deep tech” innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum technology – to build a future we can all trust, which is vital to the development of our societies. The company provides solutions, services and products that help its customers – businesses, organisations and states – in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions, by placing humans at the heart of the decision-making process.
