Senior Red Team Penetration Tester

We’re looking for innovative offensive security practitioners

If you’re passionate about security and privacy, and want to use your skills to help safeguard private, uncensored access for millions of customers, we’d love to speak with you. We provide a highly dynamic working environment where you’ll get to work with some of the best privacy and security focused individuals across multiple disciplines, where room for learning and growth are plentiful. As a senior individual contributor on our Red Team and Penetration Testing team, you’ll have a broad set of responsibilities including: (the mix will depend on your interests and skill-level).

• Prepare and execute penetration testing projects and/or red team engagements of our employee IT and production assets, either individually or as part of a team with members across various geographic locations such as Singapore, Hong Kong, Poland and London.
• We operate across a wide range of technologies, from client facing applications written in various languages for various platforms, to backend infrastructure and services, and router firmware. We provide an environment where you’ll be exposed to a wide range of technologies that form the backbone of many tech companies.
• You’ll need a strong white-box testing methodology and the ability to identify bugs in source code to go along with good organization and communication skills when delivering penetration tests of our applications and services.
• Work closely with the engineering teams to provide expert guidance and advice on remediation of identified vulnerabilities
• Create, develop, and implement tactics, techniques, and procedures (TTPs) to be used during red team engagements, which you will also be involved in
• Verify the existence of newly discovered vulnerabilities in our software stack, and develop novel attack vectors based on these
• Manage and support penetration testing services performed by outside vendors, from project inception, scoping, completion of the assessment, and finally, working with engineering teams to have the identified issues remediated
• Bring creative solutions to fruition for solving some of the complex security challenges faced by our organization
• Mentor, guide and support other team members using your strong technical knowledge

We're seeking demonstrated ability to:

• Identify vulnerabilities in web apps and web APIs by means of manual source code review, static code analysis, and/or fuzzing using tooling such as Burp Suite
• Identify vulnerabilities in Windows/Linux/macOS software by means of manual source code reviews, static code analysis, and/or fuzzing such as AFL
• Perform operating system security assessments and review how they interact with our applications, along with a review of hardening controls applied
• Proactively identify inefficiencies in the team’s workflow, suggest solutions and drive them to completion
• Mentor other team members and share your knowledge and findings with them
• [Optional] Identify vulnerabilities, misconfigurations and deviations from best practices within a cloud computing environment
• [Optional] Identify vulnerabilities, misconfigurations and deviations from best practices within Android and iOS applications

Preference will be given to candidates who possess strong assessment capabilities in any one domain and/or either the cloud or mobile assessment skills listed above.

• Good knowledge of:

  • Windows, Linux, ChromeOS, and macOS
  • Mobile Penetration Testing on Android/iOS
  • Implants, shells, Command and Control (C2) infrastructure
  • TCP/IP, IDS/IPS, firewalls, WAF, and web content filtering
  • Crypto: PGP, SSH, PKI
  • AWS environments
  • [Optional] Network equipment such as Cisco, Palo Alto, and Juniper

• Vulnerability identification and exploitation at levels up to OSCP, OSCE, OSWE
• Experience writing in languages such as: Python, bash, or Golang
• Experience in manual source code review and vulnerability research, with a preference for those with strong track record in this area (e.g. CTFs, bug bounty program activity, published CVEs)
• Interested in writing customs tools, wrappers, C2 infrastructure and agents to support internal red team and penetration testing capabilities

Hiring process

When it comes to hiring processes, “rigorous” and “opaque” are often mistakenly conflated. For us, it’s always a mutual exchange, so we think it’s important that candidates have a clear understanding of the process and what we’re looking for. Learn more about the hiring process by visiting our careers page.

Benefits

Health and happiness go hand in hand, and we make every effort to support our team members in all facets of their lives—both inside and outside the office. Learn more about our employee benefits by visiting our careers page.

Before you apply

• At the moment, we do not sponsor visas in the UK and the EU. For Hong Kong, we require at least two years of working experience and a university degree in a related field. For Singapore, we can only sponsor visas for mid-career or above.
• Please upload your resume as a PDF and do not include any salary or compensation information in it.

ExpressVPN is one of the world’s leading providers of online privacy and security services for consumers. Started in 2009, we’ve grown to have millions of active paying customers, a team of more than 700 people worldwide, and a brand recognized by hundreds of millions of people in 18 languages and more than a hundred countries. We see huge growth in our industry, and are gaining market share through strong execution.