Job Title:
Specialist I, Cyber Defense Operation Centre (TCF)Job Description
We are seeking a skilled Level 2 SOC - Testing Specialist to join our cybersecurity team. The ideal candidate will play a critical role in assessing and strengthening the organization’s security posture. This position involves conducting penetration tests, performing vulnerability assessments, and validating controls by actively testing for exploitable weaknesses to ensure our defenses are robust and resilient.We are seeking a skilled Level 2 SOC - Testing Specialist to join our cybersecurity team. The ideal candidate will play a critical role in assessing and strengthening the organization’s security posture. This position involves conducting penetration tests, performing vulnerability assessments, and validating controls by actively testing for exploitable weaknesses to ensure our defenses are robust and resilient.
Key Responsibilities
- Conduct comprehensive penetration testing across networks, web applications, and other critical systems to identify security vulnerabilities.
- Perform vulnerability assessments and develop detailed reports outlining findings, risk severity, impact, and remediation recommendations.
- Work closely with IT and security teams to design and implement strategies that mitigate identified security risks.
- Simulate real‑world cyber‑attack scenarios to evaluate the effectiveness of existing security controls and identify improvement areas.
- Stay current with emerging cybersecurity threats, trends, tools, and attack techniques.
- Assist in the planning, execution, and reporting of advanced security assessment activities.
- Provide expert guidance on security best practices and adherence to organizational and regulatory requirements.
- Accurately document and report identified security weaknesses, incidents, or breaches in a timely manner.
Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 3+ years of experience in penetration testing, security assessments, or a related cybersecurity role.
- Strong understanding of network protocols, application security principles, and operating system security.
- Hands‑on experience with security testing tools such as Metasploit, Burp Suite, Nmap, or similar platforms.
- Industry‑recognized certifications such as OSCP, CEH, CISSP, or equivalent are highly preferred.
- Strong analytical and problem‑solving skills with keen attention to detail.
- Excellent written and verbal communication skills to clearly articulate complex security issues to both technical and non‑technical stakeholders.
Preferred Skills
- Experience with scripting and automation using Python, Bash, or PowerShell.
- Familiarity with security and compliance frameworks such as ISO 27001, NIST, and GDPR.
- Experience with threat modeling and structured security assessment methodologies.
- Ability to work independently while also thriving in a collaborative, team‑oriented environment.
- Complete all assigned, mandatory training within the timeframe provided
- Conduct and/or participate in regularly scheduled 1:1 meetings with direct manager and/or direct reports
Location:
MYS Kuala Lumpur Sentral - NU Tower 2 - Level 9 &10Language Requirements:
Time Type:
Full timeSkills Required
- Bachelor's degree in Computer Science, Information Security, or related field
- 3+ years experience in penetration testing, security assessments, or related cybersecurity role
- Hands-on experience with security testing tools such as Metasploit, Burp Suite, Nmap
- Strong understanding of network protocols, application security principles, and operating system security
- Strong written and verbal communication skills to explain complex security issues to technical and non-technical stakeholders
- Industry-recognized certifications such as OSCP, CEH, CISSP or equivalent
- Experience with scripting and automation using Python, Bash, or PowerShell
- Familiarity with security and compliance frameworks such as ISO 27001, NIST, GDPR
- Experience with threat modeling and structured security assessment methodologies
What We Do
CNX Resources Corporation (NYSE: CNX) is the premier natural gas development, midstream, and technology company in Appalachia – one of the most energy abundant regions in the world. We believe in an Appalachia First approach to our work – prioritizing investments and utilizing home-grown resources that truly make a Tangible, Impactful, and Local difference in our regional communities first, and then far beyond. Over the past 150+ years, our 100% local workforce has produced low cost and low emission natural gas to help meet the world’s growing energy demand and catalyze environmental progress. Learn more about our company at CNX.com. Or, to view stories on our vision, innovations and actions, visit PositiveEnergyHub.com








