Senior Red Team Penetration Tester

We’re looking for innovative offensive security practitioners

If you’re passionate about security and privacy, and want to use your skills to help safeguard private, uncensored access for millions of customers, we’d love to speak with you. We provide a highly dynamic working environment where you’ll get to work with some of the best privacy and security focused individuals across multiple disciplines, where room for learning and growth are plentiful. As a senior individual contributor on our Red Team and Penetration Testing team, you’ll have a broad set of responsibilities including: (the mix will depend on your interests and skill-level).

• Prepare and execute penetration testing projects and/or red team engagements of our employee IT and production assets, either individually or as part of a team with members across various geographic locations such as Singapore, Hong Kong, Poland and London.
• We operate across a wide range of technologies, from client facing applications written in various languages for various platforms, to backend infrastructure and services, and router firmware. We provide an environment where you’ll be exposed to a wide range of technologies that form the backbone of many tech companies.
• You’ll need a strong white-box testing methodology and the ability to identify bugs in source code to go along with good organization and communication skills when delivering penetration tests of our applications and services.
• Work closely with the engineering teams to provide expert guidance and advice on remediation of identified vulnerabilities
• Create, develop, and implement tactics, techniques, and procedures (TTPs) to be used during red team engagements, which you will also be involved in
• Verify the existence of newly discovered vulnerabilities in our software stack, and develop novel attack vectors based on these
• Manage and support penetration testing services performed by outside vendors, from project inception, scoping, completion of the assessment, and finally, working with engineering teams to have the identified issues remediated
• Bring creative solutions to fruition for solving some of the complex security challenges faced by our organization
• Mentor, guide and support other team members using your strong technical knowledge

We're seeking demonstrated ability to:

• Identify vulnerabilities in web apps and web APIs by means of manual source code review, static code analysis, and/or fuzzing using tooling such as Burp Suite
• Identify vulnerabilities in Windows/Linux/macOS software by means of manual source code reviews, static code analysis, and/or fuzzing such as AFL
• Perform operating system security assessments and review how they interact with our applications, along with a review of hardening controls applied
• Proactively identify inefficiencies in the team’s workflow, suggest solutions and drive them to completion
• Mentor other team members and share your knowledge and findings with them
• [Optional] Identify vulnerabilities, misconfigurations and deviations from best practices within a cloud computing environment
• [Optional] Identify vulnerabilities, misconfigurations and deviations from best practices within Android and iOS applications

Preference will be given to candidates who possess strong assessment capabilities in any one domain and/or either the cloud or mobile assessment skills listed above.

• Good knowledge of:

  • Windows, Linux, ChromeOS, and macOS
  • Mobile Penetration Testing on Android/iOS
  • Implants, shells, Command and Control (C2) infrastructure
  • TCP/IP, IDS/IPS, firewalls, WAF, and web content filtering
  • Crypto: PGP, SSH, PKI
  • AWS environments
  • [Optional] Network equipment such as Cisco, Palo Alto, and Juniper

• Vulnerability identification and exploitation at levels up to OSCP, OSCE, OSWE
• Experience writing in languages such as: Python, bash, or Golang
• Experience in manual source code review and vulnerability research, with a preference for those with strong track record in this area (e.g. CTFs, bug bounty program activity, published CVEs)
• Interested in writing customs tools, wrappers, C2 infrastructure and agents to support internal red team and penetration testing capabilities