Job Description
Own end-to-end offensive security assessments—web/API/mobile, infra/cloud, and Active Directory—and ship findings that matter. Act as the anchor for most pentest delivery while contributing to purple-team detection tuning.

Core Responsibilities

1. Assessment Delivery
• Plan and execute scoped tests across web, API, mobile, external/internal networks, AD, and AWS/Azure/GCP.
• Emulate APT-style adversaries when scope allows (priv-escalation, lateral movement, data-exfil).

2. Impact Validation & Remediation
• Prove practical business impact (auth bypass, sensitive-data exposure, lateral paths).
• Draft remediation steps that developers/administrators can realistically implement.

3. Content & Automation
• Build and maintain reusable checks: Nuclei/Burp/ZAP templates, Semgrep rules, custom scripts (Python/PowerShell/Bash).
• Automate evidence collection and reporting where it eliminates grunt work.

4. Engagement Leadership (rotational)
• Own scoping calls, daily stand-ups, mid-engagement risk reviews, and final report sign-off.
• Enforce ROE and quality gates (evidence completeness, exploit reproducibility).

5. Purple-Team Rotation
• Map top attacker TTPs to detections with Blue Team; validate coverage, tune SIEM/EDR rules, and document gaps.

6. Research & Tooling
• Track emerging TTPs, EDR bypass techniques, and cloud IAM abuses; integrate the useful ones into playbooks.
Job Requirements
Must-Have Skills
• Offensive fundamentals: Solid OWASP/API testing, AD abuse basics (Kerberoasting, ACL misconfigs). Cloud IAM misconfig patterns across AWS, Azure, GCP (e.g., privilege-escalation paths, cross-account pivot). Manual exploitation discipline—no blind scanner drop-offs.
• Tooling proficiency: Metasploit, Burp Suite, Nmap, BloodHound, Covenant/Sliver (or equivalent), plus custom scripting in Python/PowerShell/Bash.
• Evidence quality: Screenshots, packet captures, logs—well-annotated and reproducible.
• Reporting & comms: Concise technical write-ups and executive summaries; comfortable leading risk calls.
• Certifications (preferred, not mandatory): OSCP, OSEP, CRTO, GXPN, or equivalent proven experience.

Nice-to-Haves
• Exploit development (e.g., custom payloads, fuzzing)
• Experience bypassing modern EDR/XDR stacks
• Conference presentations or published research

Soft Skills
• Strong proficiency in both written and spoken English.
• Adaptability to thrive in dynamic, fast-paced environments and remote work settings.
• Effective team player with excellent collaboration and interpersonal skills.
• Ability to perform under pressure with a positive attitude and a focus on team success.
• Demonstrates high levels of responsibility, reliability, and accountability.
• Willingness and ability to travel internationally when required.
Employment Type
Full-time
Benefits
We go the extra mile to ensure your experience working onsite in the UAE is seamless, rewarding, and enriching:
• Flexible Work Hours: Enjoy a balanced lifestyle with a 6-hour workday, from 10:00 AM to 5:00 PM, including a 1-hour lunch break.
• 30 Days of Paid Leave: Accumulate your annual 30-day leave for longer holidays, travel adventures, or quality time with family.
• Flight Benefits: We provide a round-trip flight to Dubai when you onboard, plus two return flights to Vietnam each year so you can stay close to home while building a global career.
• Supported Living: We take care of your accommodation and support daily living expenses to ensure a comfortable, stress-free experience from day one. Our team will support you every step of the way.
• Visa & Legal Assistance: We sponsor your visa and handle all required legal procedures, giving you peace of mind throughout the relocation process.
• Modern Central Office: Our office is in the heart of vibrant Dubai, with easy access to metro lines, shopping malls, green parks, and world-class amenities.
• Onsite Support: You’ll have the ongoing support of our HR and admin teams, dedicated to helping you settle in and thrive — both professionally and personally.

If you’re passionate about taking your tech career to an international stage — we’d love to hear from you.
Salary
Negotiable