Connecting...

W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9zzwfyy2gtzwxly3qvanbnl2jhbm5lci1kzwzhdwx0lmpwzyjdxq

Jobs

Lead Security Consultant - Pentester/Red Teamer

Job Title: Lead Security Consultant - Pentester/Red Teamer
Contract Type: Permanent
Location: Singapore
Industry:
Start Date: 01/12/2020
Duration: 366
REF: 37113
Contact Name: Danielle Tan
Contact Email: danielle@searchelect.com
Job Published: 7 months ago

Job Description

Key Words: Offensive Security, Team Management, Penetration Testing, Vulnerability Assessment, Red Teaming, Social Engineering, Security Research, OSCP, OSCE, OSWE, CREST CPSA, CREST CRT, CREST CCT, CREST CSAS, CREST CSAS, GEVA, GMOB, GXPN, GCPN, GPYC
Role: Lead Security Consultant - Pentester/Red Teamer 
Industry: Security Consulting
Location: Singapore

About Our Client

Our client is a leader in providing Cybersecurity solutions and services. They offer expertise and extensive capabilities that cater to customers cybersecurity needs. Their competencies are Managed Security Services, Security Consulting, Cybersecurity Advisory and Assurance Services, Security Architecture, design and system integration services, Advanced threat detection, threat hunting incident response and Cyber Analytics.

Our client has established a strong track record in providing cybersecurity services for over 2 decades now, serving both public and private sectors.

About the Lead Security Consultant - Pentester/Red Teamer,

  • Lead and manage engagements that focus on security consulting assignments such as: web, mobile, and network penetration testing, examination of IT controls, System Security Acceptance Test, and host assessment reviews.
  • Manage a team to provide security assessment services to the clients.
  • Lead and conduct large scale security which comprises of large-scale penetration testing of hundred/thousand plus applications across multiple work streams
  • Lead and conduct Penetration Testing and Vulnerability Assessment on technology assets which include both IT and OT environments and Industrial Control Systems.
  • Lead and perform System Security Acceptance Tests for clients.
  • Lead Red Team exercises on target technology assets.
  • Lead and conduct Social Engineering projects for clients.
  • Identify vulnerabilities such as SQL injection and cross-site scripting vulnerabilities during penetration testing. It’s a plus if you have been awarded CVEs for your findings.
  • Guide/lead the team in developing customised tools to conduct tests.
  • Guide/lead the team in research and build up the book of knowledge in test Techniques, Tactics and Procedures (TTPs) as White Hat testers.
  • It’s a plus if you have been experienced in conducting various types of Cyber Security training for different target audience, from C-Suite level to technical teams.

Requirements

  • Proven experience with application penetration testing and vulnerability analysis
  • Proven experience with network penetration testing and vulnerability analysis
  • Proven experience in consulting, both external / internal stakeholders.
  • Proven experience in leading a team of consultants/pen testers. If you are a senior member of your team aiming to move to a leadership role, you must have proven experience in providing mentorship or guidance to your junior team members.
  • Ability to obtain a security clearance.
  • Sound understanding of web applications, system, and infrastructure architecture.
  • Knowledge with Virtualised environments and Cloud environments.
  • Proficient with networking and system administration.
  • Good understanding of technology controls to address technology vulnerabilities.
  • Familiar with programming languages and scripting, such as: NET programming, Java programming, Python, Perl, Javascript, VB Script, Batch Scripting, Bash scripting, Cron scripting, Powershell, etc.
  • Familiar with the MITRE ATT&CK Framework, OWASP Testing Guide, OWASP Top Ten Most Critical Web Application Security Risks.
  • Possess at least 2 or more of the following certifications: OSCP, OSCE, OSWE, CREST CPSA, CREST CRT, CREST CCT, CREST CSAS, CREST CSAS, GEVA, GMOB, GXPN, GCPN, GPYC

About You

Please note: Interested Applicants must be able to work in Singapore.

  • Ability to lead security consultants - penetration testers and red team consultants.
  • Formal or Professional education in Information Technology/Systems/Engineering
  • 8 to 10 years of working experience with relevant skillsets in the offensive security domain.
  • Bachelor’s degree in information security, Computer Engineering, Computer Science, or other equivalents.
  • Excellent presentation and briefing skills.
  • Excellent oral and written communication skills. Ability to demonstrate adaptability, initiative, and innovation in dealing with ambiguous, fast-paced situations.
  • Ability to show proficiency in one or more regional languages and dialects.
  • Ability to travel 20% of the time.

If you are interested to learn more about this opportunity, or might be looking to get into this role with transferrable skills, please feel free to send me a copy of your CV to me at:


Danielle Tan
+65 65898787
danielle@searchelect.com


SearchElect Pte. Ltd. adheres to the Singapore Ministry of Manpower Tripartite guidelines on Non-Discriminatory Job Advertisements which you can find more information about HERE.  If you feel any part of this job advertisement is discriminatory please immediately raise to our attention via webadmin@searchelect.com.  We take these matters seriously and thank you for your cooperation.