Security Engineer - Red Team

FinAccel is a fun, fast growing company with lofty ambitions. Starting with instant ecommerce financing, we are on a goal to disrupt unsecured lending in Southeast Asia, one of the fastest growing economic regions globally. Our first product, Kredivo, which integrates at merchant checkout, qualifies ecommerce buyers for instant ecommerce purchase financing at rates which are much lower than consumer finance companies. We do this by using breakthrough technology and science to unlock unprecedented insights about credit risk and fraud from multiple data sources: phone, social networks, telco, financial and location data.

FinAccel is founded by an experienced and well rounded team: Akshay Garg (cofounder Komli Media), Umang Rustagi (McKinsey financial services) and Alie Tan (PicStory and Affle). The company is backed by some of the biggest investors in the region: Jungle Ventures, GMO, AlphaJWC and 500 Startups. The company has a flat, egalitarian structure, no politics, no BS; people who are problem solvers and execute fast will thrive here.

FinAccel is not for everyone. People who do well here tend to have a few qualities in common:

• Intelligent
• Intellectually curious
• High ownership over their work
• Strong communicators
• Biased for speed
• Team players
• Excited by an all-in work culture
• Motivated by building innovative products

We provide employees with a work environment which is:

• learning and execution oriented without any politics or excessive managerial overhead,
• where taking initiative is highly valued,
• where making mistakes is encouraged as long as you keep learning from them,
• one of the best compensation structures in the startup world (everyone is a shareholder in the company).

If you feel this is you, then wed love to hear from you.
Security Engineer - Red Team is part of our Information Security Department who is responsible for cyber attacks. On a daily basis, our Red Team will continuously detect, analyze, and find security gaps in Finaccels systems (Infrastructure & Application). Security Engineer - Red Team must have extensive knowledge in vulnerability assessment and penetration testing. In addition, the incumbent must have a passion for learning and proactively develop themselves within the ever-growing startup company like FinAccel.

Last but not least, the incumbent will collaborate with security analyst and security engineer - blue team in developing strategies to minimize security risks in infrastructure or/and applications owned by FinAccel.

Responsibilities

Perform vulnerability assessments and penetration testing, both on infrastructure, mobile applications, and web applications.

Conduct security reviews from the perspective of external attackers (hackers).

Generate reports on the results of security assessments, both from the results of vulnerability scanning and penetration testing.

Conduct an examination of the security vulnerabilities found and help provide mitigation suggestions for the discovered vulnerabilities.
Have 3+ years of experience doing penetration testing on system infrastructure, mobile apps, and web apps.

Have knowledge of hacking techniques on system infrastructure, mobile apps, and web apps.

Having an understanding of hacking techniques is not only limited to using tools, but is able to understand the hacking process manually.

Understand standards and frameworks for vulnerability scanning and penetration testing processes such as OSSTMM, OWASP, PTES, etc.