Information Security Advisor ensuring risk assessment and compliance for Sun Life business groups. Conducting risk assessments and advising on information security best practices.
SL
Hybrid Senior Manager – Cyber Security Offensive Engineer
Posted 2 months ago
About the role
- Senior Manager responsible for conducting cybersecurity offensive engineering and penetration testing activities. Collaborating with teams to enhance security posture against threats in the organization.
Responsibilities
- Perform advanced penetration testing on networks, applications, cloud environments, and IT infrastructure.
- Conduct vulnerability assessments and security audits to identify and mitigate risks.
- Develop and execute simulated cyber-attacks to test security defenses.
- Research and utilize latest attack methodologies to assess resilience against real-world cyber threats.
- Perform threat modeling to anticipate potential attack vectors and weaknesses.
- Develop custom security tools and scripts for automation and testing purposes.
- Provide detailed reports on security vulnerabilities, risks, and recommended mitigations.
- Work with the Blue Team to enhance cybersecurity strategies and improve defensive measures.
- Keep up-to-date with emerging security threats, vulnerabilities, and exploits.
- Educate internal teams on offensive security techniques and best practices.
Requirements
- Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field.
- Strong experience in penetration testing, red teaming, and vulnerability assessments.
- Strong expertise in network security, ethical hacking, and security frameworks.
- Hands-on experience with penetration testing tools (Metasploit, Burp Suite, Kali Linux, etc.).
- Proficiency in scripting and automation (Python, Bash, PowerShell, etc.).
- Excellent problem-solving and analytical skills with a hacker mindset.
- Good communication skills for stakeholder engagement and risk reporting.
- Knowledge of international security frameworks (NIST, PCI-DSS, OWASP, MITRE ATT&CK).
- Preferred certifications: OSCP, GPEN, CISSP, CEH, or equivalent.
- Fluent in Thai and English (written and spoken).
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Auditing clients' organisations and products against ISO 27001 and ISO 22301 standards. Building relationships and improving business performance with a client - centric approach.
Cloud Cybersecurity Engineer modernizing leading multi - cloud environments for Leidos. Supporting USAF system resiliency and security with hands - on cloud experience.
Senior Developer in Application Security at Clio focusing on innovative security solutions. Responsible for proactive vulnerability management in core applications and advising on security best practices.
Enterprise Services Manager leading the Technical Account Management team at Proofpoint. Responsible for maximizing customer value of products and services while ensuring high customer satisfaction.
Information Systems Security Engineer providing technical solutions and support for Department of Defense systems. Leveraging industry knowledge to increase operational efficiencies focusing on classified data systems.
Network Security Architect at Dell influencing security culture and designing secure network environments. Collaborating across teams and developing strategies for modern network security.
Senior Enterprise Security Engineer performing security assessments and threat modeling for Salesforce systems. Collaborating with teams and defining security standards across diverse technology environments.
Fullstack Software Engineer focusing on security to ensure resilience and data protection at health tech company Alan. Involved in building foundational security and authentication systems.
Security Engineer building trust foundations for bare - metal platforms at OpenAI. Designing and operating core security infrastructure for reliable compute platforms across global infrastructure.