Offensive Security Team Leader

Budget : Not over than 100,000 THB

Working hours : Monday Friday at 9.00 a.m. 6.00 p.m. (WFH 2 days per week on Tue & Thu)

Location : BTS Mo Chit - Good Space

Interview process : 1 round (HR team and Department Team)

Responsibilities :

• Perform security assessment of Network, Operating System, and Application via security audit, vulnerability assessment, penetration testing, and application vulnerability analysis.
• Perform vulnerability research in software applications, protocols, and network services via Blackbox fuzzing or source code review.
• Research new attacking techniques and cutting-edge security topics.
• Develop/Write exploit or use public exploit to gain access to the network.
• Document technical issues and findings identified during the security assessment.
• Deliver professional onsite and remote briefings to clients based on results of security assessments.

• Manage and mature offensive security program services and processes including contributing to the development of cybersecurity strategy, policy, standards, and procedures
• Liaise with stakeholders, customers, partners, and vendors
• Improve customer deliverable through report template and procedural updates
• Write scripts to automate assessment tasks and improve work efficiency
• Support recruitment, resource planning and program budget management efforts

Qualifications :

• 5 years experience in offensive security and 10 years experience in direct security.
• Thai Candidate
• Leadership experience, with expertise working with highly skilled technical team members
• In-depth knowledge application security, offense and defense
• In-depth knowledge of software development process and proficient in at least one of the following programming/scripting languages: Python, C, Assembly, PHP, C#, PowerShell, Java, and Bash. Other programming language can be considered.
• Solid understanding of network security and technologies
• Expert or advanced knowledge in internals of Windows or Unix/Linux operating system. You are not required to be an expert in both OS but you have to be an expert in at least one.
• Familiar with various security tools including port scanners, vulnerability scanners (network/OS/app/web app), exploit frameworks, sniffers, password crackers, and wireless auditing tools.
• Able to simulate APT and MITRE ATT&CK Framework
• Practical knowledge in exploit writing/development.
• Familiar with debugger tools such as IDA Pro, OllyDBG, Immunity Debugger, and gdb.
• Must communicate well in both Written and Spoken English.
• An ability to work under a dynamic environment and remotely.
• Good team player.
• Able to work under pressure with positive attitude towards the team.
• Reliable responsibility.
• Must be able to travel abroad.