Enable job alerts via email!
Offensive Security Engineer (Red Team) - Information Security
SHOPEE SINGAPORE PRIVATE LIMITED
Singapore
On-site
USD 80,000 - 150,000
Full time
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Job summary
An innovative company is seeking a skilled security engineer to join their dynamic Engineering and Technology team. In this role, you will design and perform adversary emulation, ensuring that systems meet high standards of security. You will leverage your expertise in Python and Go to identify vulnerabilities and enhance the red team's capabilities. This position offers an exciting opportunity to tackle significant technical challenges in a rapidly growing environment, making it perfect for technology enthusiasts eager to make a lasting impact.
Qualifications
- 5+ years of experience in red team roles or similar positions.
- Strong security development skills with expertise in Python and Go.
Responsibilities
- Design and perform APT adversary emulation to assess infrastructure security.
- Translate requirements into test plans and execute test scripts.
Skills
Education
Tools
Job description
The Engineering and Technology team is at the core of the Shopee platform development. The team is made up of passionate engineers from around the world, striving to build the best systems with suitable technologies. Our engineers not only solve immediate problems but also build foundations for a long-lasting future. We take initiative to address challenges at all levels of the computing platform. Shopee's rapid business growth has transformed many simple problems into significant technical challenges, making it an ideal environment for technology enthusiasts.
Job Description:
- Design and perform APT adversary emulation to assess if infrastructure components, systems, and applications meet standards for confidentiality, integrity, authentication, availability, authorization, and non-repudiation.
- Translate requirements into test plans, write and execute test scripts or codes according to standards to identify vulnerabilities.
- Manage weaponization capabilities within the red team.
- Research undiscovered vulnerabilities (0-day) during red team engagements.
Requirements:
- Bachelor’s degree or higher in Computer Science, Information Technology, Programming & Systems Analysis, Engineering, or related fields.
- At least 5 years of experience in red team roles or similar positions.
- Strong security development skills, with expertise in Python, Go, and experience in dynamic web crawling and distributed development.
- Proficiency in code auditing, with the ability to quickly identify and exploit vulnerabilities such as command injection, insecure deserialization, stack overflow, etc.
- Experience with frameworks like Puppeteer, Playwright, RabbitMQ, ELK, Yaklang, etc.
- Excellent communication skills and teamwork abilities.
- Self-motivated with a quick learning curve.
Preferred Experience:
- Experience in penetration testing, red teaming, and familiarity with kill chains in the ATT&CK framework.
- Experience in APT offensive and defensive operations.
- Proven record of bug bounty awards, contributions as a GitHub star, etc.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
