Location : Singapore, Hong Kong, London, Poznan

We’re looking for innovative offensive security practitioners

Join our security team and help secure our company through security assessments and red teaming. We perform engagements on the internal infrastructure, software and services to ensure we are operating in a secure environment.

Senior Red Team Penetration Tester

Responsibilities

As an individual contributor on our Red Team and Penetration Testing team, you’ll have a broad set of responsibilities including: (the mix will depend on your interests and skill-level)

  • Prepare and execute penetration testing projects and/or red team engagements individually or as part of a team with members across various geographic locations such as Hong Kong, Singapore and a few remote workers
  • Create, develop, and implement tactics, techniques, and procedures (TTPs) to be used during red team engagements
  • Develop novel attack vectors based on newly discovered vulnerabilities within our software stack
  • Develop home-grown software solutions and utilities for computer network attack (CNA) and computer network defense (CND)
  • Apply industry standards and best practices including the Penetration Testing Execution Standard (PTES) and the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework
  • Manage and support penetration testing services performed by outside vendors
  • Perform red teaming of our security measures of both our employee IT and production assets
  • Deliver penetration tests of our employee IT and production assets, including our applications and internal production services
  • Work closely with the engineering teams to provide expert guidance and advice on remediation of identified vulnerabilities

Required Skills – Senior Red Team Penetration Tester

  • Demonstrated ability to:
    • Identify vulnerabilities in web apps and web APIs by means of manual source code review, static code analysis, and/or fuzzing using tooling such as Burp Suite
    • Identify vulnerabilities in Windows/Linux/macOS software by means of manual source code reviews, static code analysis, and/or fuzzing such as AFL
    • Identify vulnerabilities, misconfigurations and deviations from best practices within a cloud computing environment
    • Identify vulnerabilities, misconfigurations and deviations from best practices within Android and iOS applications
    • Perform operating system security assessments, review of hardening controls
    • Proactively identify inefficiencies in the team’s workflow, suggest solutions and drive them to completion
  • Advanced knowledge of:
    • Windows, Linux, ChromeOS, and macOS
    • Mobile Penetration Testing on Android/iOS
    • Implants, shells, Command and Control (C2) infrastructure
    • TCP/IP, IDS/IPS, firewalls, WAF, and web content filtering
    • Crypto: PGP, SSH, PKI
    • Network equipment such as Cisco, Palo Alto, and Juniper
    • AWS environments
  • Vulnerability identification and exploitation at levels up to OSCP, OSCE, OSWE
  • Experience writing in languages such as: Python, bash, or Golang
  • Interested in writing customs tools, wrappers, C2 infrastructure and agents to support internal red team and penetration testing capabilities

What we offer:

  • Challenging work in a fun and collaborative environment
  • Attractive compensation and time-off benefits
  • Spacious open-concept and centrally located offices
  • Full-time employment with flexible working hours
  • Fully stocked pantry with fresh fruit and snacks
  • Team lunches and company events every quarter
  • Multicultural teams represented by 30+ nationalities
  • Reports to the Lead Red Team Penetration Tester

 

Note: Please upload your resume as a PDF and do not include any salary or compensation information in it.

About Us

For more than 11 years, we’ve paved the way towards a more private and secure digital world. We’re a global SaaS company and an industry leader in cybersecurity. Millions of consumers worldwide use our internet privacy and security products every day.

Our team of over 800 employees spans the planet. Team members work from major international hubs like London, Hong Kong, Singapore, Tokyo, Toronto, Taiwan, Poznań, and more.

We’re profitable, and we’re growing. Right now, we’re hiring talent across all functions: software development and engineering, product, data analytics, marketing, content, and people.

We’d love you to join us and be part of the team.