Penetration Tester (Sr. Red Team)

Posted 20 Hours Ago
Be an Early Applicant
Makati, Southern Manila District, National Capital Region
Senior level
Information Technology • Consulting
The Role
As a Penetration Tester in a Red Team, you will simulate attacks on systems, networks, and applications to identify vulnerabilities. Responsibilities include conducting exercises, documenting findings, collaborating with Blue teams, and enhancing security measures. You will also be involved in designing advanced attack scenarios and improving detection capabilities.
Summary Generated by Built In

Company Description

Founded and headquartered in Switzerland, Avaloq is continuously expanding its global footprint with around 2,500 colleagues in 12 countries, and more than 160 clients in 35 countries. We are an industry-leading provider of wealth management technology and services for financial institutions around the world, including private banks and wealth managers, investment managers, as well as retail and neo banks. Our research led approach and continual innovation is powered by the passion and creativity of our colleagues.
We are always looking for talented people to join us on our mission to orchestrate the financial ecosystem and democratize access to wealth management. Avaloq offers the opportunity to work closely with some of the world’s leading financial institutions as we jointly develop and shape careers. Championing a collaborative, supportive and flexible work environment empowers our colleagues to reach their full potential.

Job Description

You will be part of a well-established international Information Security team focused on Offensive Security activities. As a Red Team Specialist, you will play a critical role in assessing and enhancing our organization's security defenses.

Your primary responsibility is to simulate attacks on the organization's systems, networks, and applications to identify vulnerabilities and weaknesses; document the findings, and work with stakeholders to ensure that any findings are understood and addressed. You will collaborate closely with other security professionals, including Blue team members (defenders) and Cyber Security Operations Center (CSOC) analysts. Together, you will strengthen the organization's security posture. Your role will contribute to the success of the team and will be reporting to the Head of InfoSec Assurance.


Your key tasks 

  • Conduct Red team exercises to evaluate the effectiveness of security controls.
  • Mimic real-world attacks to identify vulnerabilities and provide actionable recommendations.
  • Carry out continuous implementation and testing sophisticated Tactics, Techniques, and Procedures (TTPs) to be engineered as part of the offensive knowledge base (KB).
  • Design and implement advanced attack scenarios targeting modern computer networks and cloud environments.
  • Contribute to the continuous improvement of the existing offensive knowledge base (KB).
  • Execute testing, validation, and verification activities (e.g., field testing, performance testing, etc..) to evaluate and certify the effectiveness and stability of engineered capabilities.
  • Collaborate with Blue team members and CSOC team to improve detection and response capabilities.
  • Produce reports documenting findings and present them to stakeholders.
  • Coordinating the engagement of specialized external companies for penetration tests when these activities cannot be carried out by internal personnel.
  • Stay up-to-date with the latest attack techniques and security trends.

Qualifications

  • Bachelor’s degree, or are a Master student or Post-graduate in Computer Science, Engineering, Information Security, Computer Engineering, Information Technology, or a related field.
  • Previous hands-on work experience, with a focus on Information Technology or Cyber Security. preferably in a bank, financial institution, or consulting company
  • Passion on ethical hacking and enjoy breaking things to make them stronger.
  • Strong understanding of offensive security techniques.
  • Strong knowledge of common attacks, web protocols, web application, windows and *nix environment, TCP/IP, firewalls, cryptography, and operational security tools and practices.
  • Knowledge of generic offensive tools and C2 as well as industry-standard tools to perform security assessments.
  • DevSecOps skills (Terraform, Github, Containers, Microservice, Serverless function, Cloud technologies).
  • Strong problem solving, organizational and time management skills. IT and MS Office suite skills are strongly recommended.
  • Demonstrates the ability to influence others through strong written and verbal communication, maintaining cooperative relationships at all levels of the organization, despite differing perspectives.
  • Certifications like OSCP,OSEP,RTO,GIAC, GRTP.
  • Recognition via public CVE or Bug Bounty Program.
  • Fluent in English.

Additional Information

We realize that managing work life balance is a challenge we all face in our daily lives and in order to support with this we are pleased to offer hybrid and flexible working for most of our Avaloqers to maintain work life balance and still continue our fantastic Avaloq culture in our global offices. 

In Avaloq we are proud to embrace diversity and understand the success of our business is built on the power of different opinions, we are whole heartedly committed to fostering an equal opportunity environment and inclusive culture where you can be your true authentic self. 

We hire, compensate and promote regardless of origin, age, gender identity, sexual orientation or any other fantastic traits that make us all unique, we have done our best to write this advert in an inclusive and neutral way. 

Please be aware that we will not accept speculative CV submissions for any of our roles from recruitment agencies, and any unsolicited candidate submissions will be exempt from any payment expectations.

#LI-Hybrid

Top Skills

Offensive Security
Penetration Testing
The Company
Zurich
2,397 Employees
On-site Workplace
Year Founded: 1985

What We Do

Avaloq is a premium provider of front-to-back software and services for over 160 financial institutions around the world. Our clients include private banks, wealth managers and investment managers, as well as retail and neo banks. We develop software that can be deployed flexibly through cloud-based Software as a Service (SaaS) or on-premises, and we offer Banking Operations outsourcing through our Business Process as a Service (BPaaS) model. Avaloq is a subsidiary of NEC Corporation, a global leader in the integration of IT and network technologies.

Similar Jobs

Manulife Logo Manulife

Penetration Tester

Fintech • Insurance • Financial Services
Manila, Metro Manila, National Capital Region, PHL
32427 Employees

Motorola Solutions Logo Motorola Solutions

Technical Support Specialist (Remote)

Artificial Intelligence • Hardware • Information Technology • Security • Software • Cybersecurity • Big Data Analytics
Hybrid
Taguig, Southern Manila District, National Capital Region, PHL
21000 Employees

TransUnion Logo TransUnion

Information Security Officer

Big Data • Fintech • Information Technology • Business Intelligence • Financial Services • Cybersecurity • Big Data Analytics
Hybrid
Makati City, Southern Manila District, National Capital Region, PHL
13000 Employees

Atlassian Logo Atlassian

Senior IT Auditor

Cloud • Information Technology • Productivity • Security • Software • App development • Automation
Manila, First District NCR, National Capital Region, PHL
11000 Employees

Similar Companies Hiring

Silverfort Thumbnail
Security • Sales • Information Technology • Cybersecurity • Automation
GB
357 Employees
Jobba Trade Technologies, Inc. Thumbnail
Software • Professional Services • Productivity • Information Technology • Cloud
Chicago, IL
45 Employees
InCommodities Thumbnail
Renewable Energy • Machine Learning • Information Technology • Energy • Automation • Analytics
Austin, TX
234 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account