Senior Security Engineer, Red Team

Get to know our Team:
 

Grab Red Team is responsible for simulating adversary attack against Grab and its subsidiaries. You are expected to perform comprehensive and real-world red-teaming scenarios like breaking into a secured zone while remaining stealthy, and yet be able to continue to identify and exploit network or application misconfigurations. 

Unlike traditional enterprise, Grab's multi-cloud, micro-services and container infrastructure makes it an attractive environment for the attacker. Our job as The Red Team is to prepare Grab for these attacks via adversary attack simulation and atomic testing.

The day-to-day activities:

• Support the full scope red team engagements through planning, organizing, executing, and reporting.

• Perform penetration test in one or more of the following: Cloud, API, Network, Web, Mobile and social engineering engagement.

• Perform targeted, covert red team operation in various technology landscape with custom tooling to aid infiltration, exploitation and post-exploitation activities.

• Develop payloads, scripts and tools that weaponize new concepts for execution, evasion, lateral movement and persistence.

• Maintain the Internal Grab Attack Matrix to simulate and document relevant Tactics, Techniques, and Procedures (TTP).

• Research new TTPs that are relevant to Grab threat profile and tech stack.

• Communicate effectively with other red team operators, defenders, stakeholders and senior management.

• Develop comprehensive and accurate reports and presentations for both technical and executive audiences

Requirements:

• At least 3 years of offensive security working experience.

• Experience in Modern Infrastructure Penetration Testing with a firm understanding of cloud architecture, CI/CD, microservices architecture and Kubernetes/container security.

• Experience in Application Penetration testing with a firm understanding of modern web exploitation, modern authentication frameworks and exploit chaining techniques.

• Experience in Windows and/or OSX internal security to develop covert persistence mechanisms, modern AV evasion techniques and privilege escalation techniques.

• Experience in lateral movement by abusing directory services such as Active Directory, FreeIPA, etc.

• Experience in utilizing and customizing post exploitation framework such as Cobalt strike, Metasploit, Empire, Covenant, etc.

• Past involvement in Red Team Operations, ability to think like an adversary, good situational awareness, generating creative adversarial scenarios and having a knack for operations security (OPSEC).

• Programming experience in one or more interpreted or compiled languages: Python, Go, PHP, C/C++, C#, PowerShell, .Net.

• Experience with social engineering campaigns, firm understanding of various types of phishing attacks, payload delivery mechanisms and email security evasion techniques.

• Good interpersonal, organizational, communication and time management skills.

Good To Have:

• SANS (GPEN, GXPN, GWAPT), Offensive Security (OSCP, OSCE, OSCEE), CREST/Tiger Scheme Certified Tester certifications or equivalent. 

• Past achievements in CTF, Bug bounty or CVEs.

• Published offensive/defensive related research