We’re looking for innovative offensive security practitioners

Join our security team and help secure our company through security assessments and red teaming. We perform engagements on the internal infrastructure, software and services to ensure we are operating in a secure environment.

Red Team Penetration Tester

Responsibilities

As an individual contributor on our Red Team and Penetration Testing team, you’ll have a broad set of responsibilities including: (the mix will depend on your interests and skill-level)

  • Prepare and execute penetration testing projects and/or red team engagements individually or as part of a team with members across various geographic locations such as Hong Kong, Singapore and a few remote workers
  • Create, develop, and implement tactics, techniques, and procedures (TTPs) to be used during red team engagements
  • Develop novel attack vectors based on newly discovered vulnerabilities within our software stack
  • Develop home-grown software solutions and utilities for computer network attack (CNA) and computer network defense (CND)
  • Apply industry standards and best practices including the Penetration Testing Execution Standard (PTES) and the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework
  • Manage and support penetration testing services performed by outside vendors
  • Perform red teaming of our security measures of both our employee IT and production assets
  • Deliver penetration tests of our employee IT and production assets, including our applications and internal production services
  • Work closely with the engineering teams to provide expert guidance and advice on remediation of identified vulnerabilities

Required Skills

  • Understanding of pen test methodologies and concepts
  • Knowledge of how these technologies work and ways to attack them:
    • Windows, Linux, ChromeOS, macOS
    • Web application security and vulnerabilities
    • Binary analysis and reverse engineering
    • Software and hardware supply chains
    • TCP/IP, IDS/IPS, firewalls, WAF, and web content filtering
  • Demonstrated ability to:
    • Run automated vulnerability scanning and exploitation tooling such as nmap, Nessus, Nexpose, Metasploit, Kali Linux at levels up to CEH
  • Experience writing in languages such as: Python, bash, or Golang

What we offer

  • Challenging work in a fun and collaborative environment
  • Attractive compensation and time-off benefits
  • Spacious open-concept and centrally located offices
  • Full-time employment with flexible working hours
  • Fully stocked pantry with fresh fruit and snacks
  • Team lunches and company events every quarter
  • Multicultural teams represented by 30+ nationalities
  • Reports to the Lead Red Team Penetration Tester

Note: Please upload your resume as a PDF and do not include any salary or compensation information in it.

About Us

For more than 11 years, we’ve paved the way towards a more private and secure digital world. We’re a global SaaS company and an industry leader in cybersecurity. Millions of consumers worldwide use our internet privacy and security products every day.

Our team of over 800 employees spans the planet. Team members work from major international hubs like London, Hong Kong, Singapore, Tokyo, Toronto, Taiwan, Poznań, and more.

We’re profitable, and we’re growing. Right now, we’re hiring talent across all functions: software development and engineering, product, data analytics, marketing, content, and people.

We’d love you to join us and be part of the team.