Offensive Security Associate Manager (Fintech)

  • Sector: 专业服务
  • Contact: Elizabeth Ravva
  • Client: Monroe Consulting Group
  • Location: Jakarta
  • Salary: Negotiable
  • Expiry Date: 12 December 2024
  • Job Ref: BBBH468736_1731401262
  • Contact Email: elizabeth@monroeconsulting.com
Job Description

Role Purpose

  • Leading offensive security operations, including penetration testing, red teaming, and vulnerability assessments.

Key Responsibilities

  • Lead and manage a team of offensive security professionals, including penetration testers, red team members, and vulnerability analysts. Provide mentorship, training, and performance feedback to team members.
  • Collaborate with cross-functional teams, including IT, development, and operations, to prioritize and remediate security vulnerabilities identified through offensive security testing. Communicate findings and recommendations to technical and non-technical stakeholders.
  • Plan, coordinate, and execute offensive security operations, including penetration tests, red team exercises, and vulnerability assessments, to identify and exploit security weaknesses in our systems, networks, and applications.
  • Continuously assess and improve offensive security practices, methodologies, and tools based on industry trends, lessons learned from previous engagements, and feedback from stakeholders.
  • Risk/Findings audit to be fulfilled
  • Ensure staff are informed and trained to support good corporate governance in their specific areas of work.

Knowledge

  • Penetration Testing: In-depth knowledge of penetration testing methodologies, including reconnaissance, enumeration, exploitation, post-exploitation, and reporting.
  • Red Teaming: Understanding of red teaming techniques and tactics to simulate real-world cyber attacks and assess an organization's security postureVulnerability Assessment: Proficiency in conducting vulnerability assessments across various attack surfaces, including networks, systems, applications, and cloud environments.
  • Vulnerability Assessment: Proficiency in conducting vulnerability assessments across various attack surfaces, including networks, systems, applications, and cloud environments.
  • Exploit Development: Familiarity with exploit development techniques and methodologies to identify and exploit security vulnerabilities.
  • Scripting and Programming: Proficiency in scripting and programming languages such as Python, PowerShell, or Bash for automation, tool development, and exploit scripting.
  • Regulatory Compliance: Understanding of relevant laws, regulations, and industry standards related to offensive security testing, including legal and ethical considerations.
  • Cybersecurity : Knowledge of cybersecurity principles, practices, technologies, and regulatory requirements.


Qualifications

Technical

  • Penetration tests, vulnerability assessments, and security audits (VAPT)
  • Red teaming exercises and adversarial simulation techniques.
  • Metasploit , Burp Suite, Nmap
  • Scripting languages (e.g., Python, PowerShell)
  • MobSF (Mobile Security Framework)
  • Drozer
  • OWASP Mobile Security Testing Guide (MSTG)

Non-technical

  • Collaborative Leadership
  • Time Management Skills
  • Vision and Strategy
  • Conflict Management Skills
  • Emotional Resilience


Other Information

  • Experience in leading and managing offensive security operations, including penetration tests, red team exercises, and vulnerability assessments.Experience with threat intelligence analysis, security research, and incident response support.Minimum of 3 years of experience in offensive security roles, with at least 2 years in a leadership or supervisory position.
  • Bachelor's degree in computer science, information security, or a related field. Master's degree preferred.Offensive Security Certifications: Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), or similar certifications highly desired.