About Our Company

For more than 10 years, we’ve been paving the way to a more private and secure digital world. We’re an international SaaS company and a leader in the cybersecurity industry. Millions of consumers worldwide use our internet privacy and security products every day.

Our team of over 800 employees works from all around the globe. We have team members in major cities like London, Hong Kong, Singapore, Paris, Toronto, Perth, and more. And we’re just getting started.

We’re profitable and growing. We’re hiring talent across all functions: software development and engineering, product, data analytics, marketing, content, and people. Join us today and be part of our mission.

Responsibilities

As an individual contributor on our Red Team and Penetration Testing team, you’ll have a broad set of responsibilities including: (the mix will depend on your interests and skill-level)

  • Prepare and execute red team exercises and/or penetration testing projects individually or as part of a team with members across various geographic locations such as Hong Kong and Singapore and remote workers
  • Create, develop, and implement tactics, techniques, and procedures (TTPs)
  • Develop novel attack vectors based on newly discovered vulnerabilities
  • Develop home-grown software solutions and utilities for computer network attack (CNA) and computer network defense (CND)
  • Apply industry standards and best practices including the Penetration Testing Execution Standard (PTES) and the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework
  • Manage penetration testing services performed by outside vendors
  • Perform red teaming of our security measures of both our employee IT and production assets
  • Perform penetration testing of our employee IT and production assets, including our applications and internal production services

Requirements

  • Demonstrated ability to: 
  • Identify vulnerabilities in web apps and web APIs by means of manual source code review, static code analysis, and/or fuzzing using tooling such as Burp Suite
  • Identify vulnerabilities in Windows/Linux/macOS software by means of manual source code reviews, static code analysis, and/or fuzzing such as AFL
  • Perform operating system security assessments, review of hardening controls
  • Advanced experience writing in languages such as: Python, bash, or Golang
  • Advanced knowledge of:
    • Windows, Linux, ChromeOS, and macOS
    • Implants, shells, Command and Control (C2) infrastructure
    • TCP/IP, IDS/IPS, firewalls, WAF, and web content filtering
    • Crypto: PGP, SSH, PKI
    • Network equipment such as Cisco, Palo Alto, and Juniper
    • AWS environments
    • Vulnerability identification and exploitation at levels up to OSCP Certified Professional
  • Interested in writing customs tools, wrappers, C2 infrastructure and agents to support internal red team and penetration testing capabilities

What we offer

  • Challenging work in a fun and collaborative environment
  • Attractive compensation and time-off benefits
  • Spacious open-concept and centrally located offices
  • Full-time employment with flexible working hours
  • Fully stocked pantry with fresh fruit and snacks
  • Team lunches and company events every quarter
  • Multicultural teams represented by 30+ nationalities
  • Reports initially to the Cybersecurity Manager and then to the Lead Red Team/Penetration Tester

 

Note: Please do not include any salary or compensation information on your resume