Senior Cyber Security (Red Team) - Software House

• Working at one of up and rising gaming company in SEA
• Stable Salary and Benefits

Client is one of the big players in gaming for SEA.

• Perform manual penetration tests against companys internal and external assets, including networks, servers, applications, and web services. This involves identifying and exploiting vulnerabilities in order to assess the security of companys systems.
• Conduct internal and external red and purple team engagements. Red teaming is a simulated attack on a companys systems by a team of ethical hackers, while purple teaming is a combination of red teaming and blue teaming (the process of defending against cyberattacks). These engagements help to identify and mitigate security risks.
• Assess security vulnerabilities to identify appropriate remediation. This involves determining the severity of each vulnerability and recommending the best course of action for fixing it, such as patching, changing configurations, or deprecating the affected system or application.
• Leverage enterprise tools to perform vulnerability scans of companys assets. This involves using automated tools to scan companys systems for known vulnerabilities.
• Report on project and operational metrics. This involves tracking and reporting on the progress of penetration testing projects, as well as the overall security posture of companys systems.
• Document security flaws, including technical details and remediation recommendations. This involves creating detailed reports of any security flaws that are found, as well as recommendations for how to fix them.
• Keep up to date on latest tools, techniques, and procedures used by hackers, and adapt companys defenses accordingly. This involves staying up-to-date on the latest threats and vulnerabilities, and using this knowledge to improve companys security posture.
• Serve as a subject matter expert in offensive security techniques. This involves having a deep understanding of penetration testing and red teaming techniques, and being able to share this knowledge with others.

• A bachelors degree in computer science or information systems, or equivalent work experience in the field of cybersecurity.
• Demonstrated in-depth experience in the following areas:
  • Web application and web service testing
  • Network infrastructure penetration testing
  • Mobile application security testing (Android / iOS)
  • Adversarial attack simulations (Red / Purple Teaming)
  • Thick client assessment and reverse engineering
  • Assessment of cloud platforms such as Alibaba Cloud, AWS, Azure or Google Cloud Platform
  • Knowledge of secure design methodologies (such as threat modelling and attack surface enumeration)
• Previous experience in a security consultant, analyst, engineer, architect, or a similar role.
• Excellent communication and interpersonal skills, with the ability to clearly and concisely explain complex technical concepts to both technical and non-technical audiences.

Working at one of up and rising gaming company in SEA

Stable Salary and Benefits