JOB DESCRIPTION
 
Specialist, Red Teaming
Posting Date : 19 Aug 2025 | Close Date :17 Nov 2025


Specialist, Red Teaming

JOB RESPONSIBILITIES

This is a Specialist role in Red Team/Offensive Security to join our Tech Division’s IT Security team. This is a highly technical role, responsible for proactively identifying security weaknesses across the organization’s systems through simulated attacks, vulnerability assessments, and deep-dive testing of enterprise infrastructure and applications. This individual must possess strong penetration testing, reverse engineering, and security research skills, with a proven record in testing mobile apps, web applications, APIs, networks, and operating systems. The ideal candidate will be passionate about hands-on offensive security work, well-versed in scripting and automation, and able to think like an adversary to discover blind spots others miss.

Responsible to plan and perform regular security test, monitoring and assessment on both frontend and backend application (mobile apps)

Responsible to plan and perform regular review of backend API/webservices

Responsible to perform regular vulnerability assessment across all enterprise IT assets

Responsible to conduct host configuration review on existing operating systems (servers/network devices)

Responsible to articulate and report discovered vulnerabilities in concise manners

Responsible to work closely with respective stakeholders in identifying the appropriate remediation.

Responsible to engage third party vendor to perform regular application penetration test and facilitate security assessment

Working closely with Risk team to ensure regular source code security review are performed and reported

· Responsible to follow up any application vulnerabilities until closing. Working closely with development and QA team to ensure vulnerabilities are closed in time

· To plan and perform out-of-the-box security assessment against enterprise     infrastructure to identify existing security gaps

 

REQUIREMENTS

·       Bachelor’s degree in Computer Science, Information Security, or related technical field.

·       Minimum 5–7 years of hands-on experience in red teaming, penetration testing, or offensive security roles.

·       Strong technical expertise in:

        Web and mobile app penetration testing (frontend/backend)

        API and web service security testing

        Mobile app (Android/iOS) reverse engineering and testing tools (e.g., Frida, Burp, MobSF)

        OS and network-level assessment (Windows, Linux, network devices)

        Secure SDLC, DevSecOps integration, and code scanning familiarity

·       Excellent scripting and automation skills (e.g., Python, Bash, PowerShell).

·       Prior experience in writing custom tools, exploits, or testing modules.

·       Strong reverse engineering skills for binaries or mobile apps.

·       Experience with CTF competitions, bug bounty, exploit development or security research publication is a plus.

·       Must be able to think out of the box, emulate real-world attacks, and identify unknown unknowns.

·       Offensive Security Certified Professional (OSCP)

·       OffSec OSWE, OSEP, or OSED

·       GIAC GPEN, GWAPT, GMOB, GXPN

·       Mobile Application Security Certification

·       Forensic related certification will be a plus.
 


Sub Specialization : Information Technology;IT Security
Type of Employment : Permanent
Minimum Experience : Fresher
Work Location : Kuala Lumpur
   



This site is best viewed with Internet Explorer 7 or higher and Firefox 3.x or higher. © EPS All Rights Reserved.