Key Role
As Cyber Security Manager & Consultant, you will lead and manage ateam of cyber security experts as well as lead and execute variety of
engagements, conducting advanced hands-on penetration testing beyond automated
tool validation, which will focus on targets that may include network devices,
servers, web and mobile apps, web APIs, wireless infrastructures, IoT devices,
and other information systems.
As a manager you will help raise the profile of the team, support in
solving complex business issues from strategy to execution, play a key part in
making sure that we offer service offerings tailored to the local market and
help coach and mentor team members.
This role is ~35% team management and ~65% technical.
What your keys responsibilities will
be
Responsibilities may include the following, but are not limited
to:
Oversee day-to-day teams' operation during Asia-Pacific time zoneTeam management of 10+ consultants including performance managementLead and execute network, web application, wireless, and social engineering penetration tests that will vary in level of complexity from simple to potentially complexManage complex project delivery that include planning, scheduling, controlling and tracking to meet project scope and timelineAct as main technical point of contact for local customer escalations during the shiftMaintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, security standards, trends / best practices, offensive techniques, and toolsAuthor quality penetration test reports with professional documentation of identified and exploited vulnerabilities/weaknesses and provide detailed remediation guidance for findingsSupport sales managers by serving as a consultant in pre-sales, including assessment of client needs, project scopes and proposal preparationManage team members education & developmentMonitoring quality of service and products to clients and carrying out improvement or development as necessaryActively support the hiring processWhat we are looking for
Minimum Experience:
Bachelor's degree, preferably in computer science or information systems, or equivalent work experienceMinimum of three years direct Cyber Security experience in a security analyst, engineer, architect, consultant or a similar roleMinimum of one year of experience in penetration testingProven experience managing a team of at least five engineers/consultantsTechnical knowledge across a broad range of computing platforms and network protocolsHigh proficiency in a variety of operating systems such as Unix/Linux/Mac/Windows operating systems, including bash and PowerShellHigh proficiency in manual techniques for penetration testing (network equipment, servers, web applications, APIs, wireless, mobile, databases, and other information systems)Proven professional experience testing web applications for common web application security vulnerabilities as defined by OWASP, including input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting issues, SQL injection and web server configuration issuesKnowledge of at least one programming languages: Python, Perl, Java, .NET, C., Shell ScriptingTools – Proxies, Port Scanners, Vulnerability Scanners, Exploit Frameworks (ex: Burp, Nessus, Nmap, Metasploit)Strong oral and written communication skills, including a demonstrated ability to prepare quality documentation and presentations for technical and non-technical audiencesCertifications such as OSCP, OSCE, CREST CRT, GIAC (GXPN, GWAPT, GPEN, GMOB) others are highly desiredExperience managing communication with geographically distributed teamsLanguage Skills:
Excellent communication skills in English (written and spoken), other languages such as Mandarin is an advantage.
Required Skills:
Excellent interpersonal skills, capable to interact with people at all levels, team playerStrong leadership and ability to take fast decisionsAction-oriented and results driven