Job Posting for Offensive Security Engineer (Red Team) - Information Security at Shopee
Department Engineering and Technology
LevelExperienced (Individual Contributor)
LocationSingapore
The Engineering and Technology team is at the core of the Shopee platform development. The team is made up of a group of passionate engineers from all over the world, striving to build the best systems with the most suitable technologies. Our engineers do not merely solve problems at hand; We build foundations for a long-lasting future. We don't limit ourselves on what we can or can't do; we take matters into our own hands even if it means drilling down to the bottom layer of the computing platform. Shopee's hyper-growing business scale has transformed most "innocent" problems into huge technical challenges, and there is no better place to experience it first-hand if you love technologies as much as we do.
Job Description:
Design and perform APT adversary emulation to determine if infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorisation, and non-repudiation standards
Translate requirements into test plan, write and execute test scripts or codes in line with standards and procedures to determine vulnerability to attacks
Responsible for the weaponisation capabilities of the red team
Research of undiscovered vulnerabilities (0 day) in red team engagements
Requirements:
Bachelor’s degree or higher in Computer Science, Information Technology, Programming & Systems Analysis, Engineering, or other related fields
Minimum 5 years of work experience in red team-related or relevant positions
Strong security development capabilities, with expertise in Python, Go, and in-depth experience in dynamic web crawling and distributed development
Proficiency in code auditing with the ability to quickly identify vulnerabilities in insecure code that can be exploited by the red team e.g. command injection, insecure deserialization, stack overflow, independently writing exploit codes
Proficiency in various frameworks such as Puppeteer, Playwright, RabbitMQ, ELK, Yaklang, etc
Strong communication skills and effective teamwork spirit
Self-starter and fast learning ability
Preferred Experience
Experience in pen-testing and red teaming, and familiar with kill chains in ATT&CK Framework (e.g. initial access, Windows AD testing, lateral movement)
Experience in performing APT offensive and defensive
Proven track record of bug bounty awards, Github star authors, etc
Senior Infrastructure Security Engineer - Information Security
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles
Skills Library
Not the job you're looking for? Here are some other Offensive Security Engineer (Red Team) - Information Security jobs in the Singapore, area that may be a better fit.
We don't have any other Offensive Security Engineer (Red Team) - Information Security jobs in the Singapore, area right now.
Demo
Singapore,
Full Time