Hong Kong, Hong Kong, Hong Kong

Futu Holdings is hiring a Penetration Testing Engineer

About the Role

As a Penetration Testing Engineer, you will lead efforts to uncover and evaluate security weaknesses in applications, servers, and network infrastructure. Your work will focus on proactively testing systems through simulated attacks to ensure resilience against real-world threats.

Key Responsibilities

  • Perform comprehensive penetration tests on web and mobile applications, APIs, and internal enterprise systems
  • Analyze business workflows and transaction patterns to assess associated security risks
  • Identify and classify vulnerabilities using industry-standard frameworks and tools
  • Deliver clear, technical reports that detail risk severity, potential business impact, and practical remediation steps
  • Communicate findings effectively to engineering teams and leadership stakeholders
  • Support incident response by investigating attack methods and contributing to forensic analysis
  • Track emerging threats, CVEs, and adversarial tactics to refine testing approaches

Qualifications

  • Degree in Computer Science, Information Security, or a related discipline
  • Strong grasp of offensive and defensive security principles across web, network, and application layers
  • Hands-on experience with tools including Burp Suite, SQLMap, Nmap, and Metasploit
  • Working knowledge of common vulnerabilities such as those in the OWASP Top 10, log4j, fastjson, and middleware platforms like nginx, Apache, and Tomcat
  • Proficiency in scripting languages like Python and Shell for automation and incident analysis
  • Understanding of blockchain technology and its security implications
  • Experience in cyber defense competitions or national-level exercises is a plus
Required Skills
PythonShellBurp SuiteSQLMapNmapMetasploitnginxApacheTomcatOWASP Top 10BlockchainPenetration TestingLog4jFastjson Penetration TestingBurp SuiteSQLMapNmapMetasploitWeb SecurityNetwork SecurityOWASP Top 10nginxApacheTomcatlog4jfastjsonPythonBlockchain
Relocating to Thailand?

Visa and work permit handled by experts

SVBL manages your entire visa process — from application to approval. Work permits, extensions, and compliance all covered. One partner for legal, immigration, and settling in.

Work permit processing
Visa extensions & renewals
Immigration compliance
Banking & housing guidance
Get free consultation
Free initial consultation
About company
Futu Holdings
Listed on Nasdaq, Futu Holdings (FUTU) is a global fintech company behind the advanced digital brokerage platforms moomoo and Futubull, serving millions of users worldwide. We are a technology-driven company delivering secure, seamless access to global markets and reshaping the personal investing experience.
All jobs at Futu Holdings Visit website
Job Details
Department Information Technology
Category security
Posted 2 months ago