Cyber Security Offensive Manager (Ascend Money)

FINTECH
location_on Bangkok

Job Description

  • Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
  •  Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
  • Develop and execute simulated cyber-attacks to assess the organization’s readiness to defend against real-world threats.
  • Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
  • Perform threat modeling to anticipate potential attack vectors.
  • Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
  • Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
  • Keep up to date with the latest exploitation techniques and security tools.                                                         
  • Prepare detailed reports on findings from penetration tests and security assessments.                               
  •  Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
  • Collaborate with the Blue Team to enhance the organization’s defensive strategies based on offensive findings.
  • Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.

Qualifications

  • Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
  • At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
  • Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
  • Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
  • Excellent problem-solving skills and ability to think like an adversary.
  • Good communication skills for effective reporting and stakeholder engagement.
  • Rapid learning capability and able to work under pressure.
  • Good command in written and spoken Thai and English language.
  • Ability to present technical solutions with stakeholders in an easy way.  
  • Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
  •  Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable

Location: True Digital Park, Punnawithi

BACK