Offensive Security Engineer (SG)
Remote - Singapore
Applications have closed
Crypto.com
Over 80 million users buy, sell, and trade Bitcoin, Ethereum, NFTs and more on Crypto.com. Join the World's leading crypto trading platform.Crypto.com was founded in 2016, Crypto.com today serves over 10 million customers with the world’s fastest growing crypto app, along with the Crypto.com Visa Card — the world’s largest crypto card program — the Crypto.com Exchange and Crypto.com DeFi Wallet. Recently launched, Crypto.com NFT is the premier platform for collecting and trading NFTs, carefully curated from the worlds of art, design, entertainment and sports.
Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have ISO/IEC 27701:2019, ISO27001:2013 and PCI:DSS 3.2.1, Level 1 compliance, and independently assessed at Tier 4, the highest level for both NIST Cybersecurity and Privacy Frameworks.
With over 4000 people in offices across the Americas, Europe and Asia, Crypto.com is accelerating the world’s transition to cryptocurrency. Find out more: https://crypto.com
For more information, please visit www.crypto.com.
What you will do:
- As an individual contributor in our Offensive team, your responsibilities will include the followings:
- Create, develop, and implement tactics, techniques, and procedures (TTPs) to be used in our regular assessment with the blue team.
- Develop novel attack vectors based on newly discovered vulnerabilities in our software stack
- Develop in-house security automation solution that makes our security checking faster and easier
- Apply industry standards and best practices including the OWASP and the MITRE ATT&CK Framework
- Assess security measures applicable to our employees, virtual and physical asset
- Work with compliance team to provide technical assessment and remediation advice according the different local laws
- Work closely with the development teams to provide expert guidance and advice on remediation of identified vulnerabilities
Requirements
- Understanding of pentest and red teaming methodologies and concepts
- Basic understanding of compliance procedures
- Knowledge of how these technologies work and ways to attack them:
- Windows, Linux, macOS
- Web and mobile application security and vulnerabilities
- Binary analysis and reverse engineering
- Software and hardware supply chains
- Basic networking knowledge, CDN, WAF, and web content filtering
- Azure, GCP, AWS
- Experience in writing the following languages: Python, golang, bash
- Experience in reviewing the following languages from a security perspective: Python, goland, Java, Swift, Ruby, Elixir
Good to have
- Provable experience of your pentest and red teaming skills (e.g. bug bounty reports, CTF result, blog, technical security certificates)
Benefits
- Working in a well-organized team and be able to learn how to protect an Enterprise and ship secure applications at a fast pace
- New challenges every day, but still be able to enjoy work-life balance
- Have exposure to many cutting edge technologies in the industry
- Flexible working environment with adjustable work from home arrangements
Tags: Application security Automation AWS Azure Bash Blue team Compliance Crypto CTF GCP Golang ISO 27001 Java Linux MacOS MITRE ATT&CK NIST Offensive security OWASP Privacy Python Reverse engineering Ruby TTPs Vulnerabilities Windows
Perks/benefits: Flex hours
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs