Connecting...

W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9zzwfyy2gtzwxly3qvanbnl2jhbm5lci1kzwzhdwx0lmpwzyjdxq

Jobs

Red Team Consultant

Job Title: Red Team Consultant
Contract Type: Permanent
Location: Singapore
Industry:
Start Date: 05/08/2019
Duration: 367
REF: 35049
Contact Name: Danica Pagsisihan
Contact Email: danica@searchelect.com
Job Published: 8 months ago

Job Description

Key Words: Managed Security, Security Consulting, Penetration Testing, Vulnerability Assessment, VAPT, Red Team
Role: Red Team Consultant
Industry: Managed Security  Services, Security Consulting
Function: Penetration testing, Source Code Reviews, threat analysis, wireless network assessments, and social-engineering assessments
Location: Singapore

About Our Client

Our client is a global specialist focused on delivering a comprehensive range of IT Security services to blue-chip and public sector clients. Their philosophy is to deliver high-quality testing, consultancy services and unsurpassed levels of support to the client base.

They offer specialization in areas like Information Security, Penetration Testing, Red Teaming, PCI & Payment Security, Research, Security Assessments, Compliance, Mobile Security, Incident Response, Scanning Services, Training, Threat Modelling, Cyber Security, Cyber Defense, and Phishing Assessments

Our client offers a positive, enthusiastic working environment where knowledge sharing is encouraged between all members of the organisation, with excellent training provided to help team members upskill themselves to become better at what they do including a monthly budget allowance dedicated to training.

About the Red Team Consultant

  • A successful Red Team consultant should possess a deep understanding of both information security and computer science. They should understand basic concepts such as networking, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations.
  • This is not a “press the ‘pwn’ button” type of job; this career is technical and challenging with opportunities to work in some of the most exciting areas of security consulting on extremely technical and challenging work.
  • A typical job could be breaking into a segmented secure zone at a Fortune 500 bank, reverse engineering an application and encryption method in order to gain access to sensitive data, all without being detected.
  • If you can exploit at scale while remaining stealthy, identify and exploit misconfigurations in network infrastructure, parse various types of output data, present relevant data in a digestible manner, think well outside the box, or are astute enough to quickly learn these skills, then you’re the type of consultant we’re looking for.
  • You’ll be faced with complex problem-solving opportunities and hands-on testing opportunities daily. We help our clients protect their most sensitive and valuable data through comprehensive and real-world scenario testing. The objective doesn’t end at gaining “domain admin” or “root”; this is expected and is only a starting point.
  • You are expected to quickly assimilate new information as you will face new client environments on a weekly or monthly basis. You will be expected to understand all the threat vectors to each environment and properly assess them. You will get to work with some of the best red teamers in the industry, causing you to develop new skills as you progress through your career.

Key Responsibilities

•        Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments

•        Develop comprehensive and accurate reports and presentations for both technical and executive audiences

•        Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel

•        Recognize and safely utilize attacker tools, tactics, and procedures

•        Develop scripts, tools, or methodologies to enhance the company’s red teaming processes

•        Assist with scoping prospective engagements, leading engagements from kick-off through remediation, and mentoring less experienced staff

 

About You

Please note: Interested Applicants must be able to work in Singapore.

•        Bachelor's degree in a technical field

•        Experience in at least three of the following:

•        Network penetration testing and manipulation of network infrastructure

•        Mobile and/or web application assessments

•        Email, phone, or physical social-engineering assessments

•        Shell scripting or automation of simple tasks using Perl, Python, or Ruby

•        Developing, extending, or modifying exploits, shellcode or exploit tools

•        Developing applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE)

•        Reverse engineering malware, data obfuscators, or ciphers

•        Source code review for control flow and security flaws

•        Strong knowledge of tools used for wireless, web application, and network security testing

•        Thorough understanding of network protocols, data on the wire, and covert channels

•        Mastery of Unix/Linux/Mac/Windows operating systems, including bash and Powershell

If you are interested to learn more about the above job role or any other job opportunities, please apply to this job advertisement or alternatively contact the following consultant:
Danica Pagsisihan
+65 65898787
danica@searchelect.com
SearchElect Pte. Ltd. adheres to the Singapore Ministry of Manpower Tripartite guidelines on Non-Discriminatory Job Advertisements which you can find more information about HERE.  If you feel any part of this job advertisement is discriminatory please immediately raise to our attention via webadmin@searchelect.com.  We take these matters seriously and thank you for your cooperation.