This is an excellent opportunity for a Red Teamer or an experienced Penetration Tester who is keen to assist our Client in the Financial Services to build a brand new Red Team in Singapore. The candidate will need to have a proven track record in advanced network, system and application exploitation and will be required to work independently or as part of the red team to execute threat simulations.
- Plan and execute red team operations and campaigns across the spectrum of people, processes and technologies.
- Develop techniques from the Mitre ATT&CK framework and perform purple teaming exercises working closely with the SOC team to enhance detection and prevention capabilities.
- Support the development of red teaming methods, operations and simulations within and across the enterprise to include cyber security, personnel security, operations security, facilities security, and third party vendors/service providers.
- Provide regular threat/risk updates, presenting findings and learnings from cyber-attacks, red team operations, and cyber-attack simulations within a context of overall risk to the enterprise.
- Work closely with existing technology infrastructure, business application and security teams, both to receive input and to provide practical and actionable threat intelligence.
- Bachelor degree in Computer Science, Computer Engineering, Software Engineering or related discipline.
- At least 10 years of IT experience, in which over 4 years are in the domain of technical security testing.
- OSCP and/or CREST CRT certified.
- Advanced certifications such as OSCE, OSEP, CRTE, OSEE, GXPN, CREST CCT and CCSAS would be an advantage.
- Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks.
- Ability to build custom tools and exploits using one or more of the following: powershell, python or C#.
- Experience in utilizing the Mitre ATT&CK framework would be an advantage.
- Red teaming and purple teaming experience would be an advantage, but not a requirement.
- Excellent communication, writing and presentation skills.
Morgan McKinley Pte Ltd
EA Licence No: 11C5502
Registration No: R1106192