S-RM logo

Senior Offensive Security Consultant

S-RM

Posted about 16 hours ago

Senior Offensive Security Consultant

Offensive Security consultants run the delivery of our offensive security services. They help to interpret client challenges, innovate solutions, and deliver findings.

As an OS consultant, you will work across the full spectrum of our pentesting services, whether point in time or continuous, as well as participate in larger engagements such as red teams. You will help our clients to build cyber resilience, enhance their understanding of the threat landscape and become better prepared to face dynamic and evolving security risks.

As a senior consultant, you will be responsible for supporting commercial efforts, as well as line management and maintenance of standards, tools and knowledge. We are looking for someone with a strong business acumen and technical background who can help us shape, sell and deliver impactful resilience workstreams to our clients. The commercial and leadership aspect of this role will take approximately 40% of your time, the rest being focused on delivery.

  1. MAIN DUTIES AND RESPONSIBILITIES

Client Engagement and Account Management

  • Engage with clients to understand their cyber security challenges
  • Translate client challenges into solutions that fit S-RM’s Offensive Security service offering and value proposition
  • Lead on proposal writing and presentations, with an understanding of delivery timelines, project resourcing requirements and pricing
  • Contribute to the expansion of client accounts and winning of new business
  • Gain an understanding of S-RM’s target sectors and industries

Offensive Security

Penetration testing:

  • External infrastructure
  • Web application
  • API pentesting
  • Phishing and spear phishing
  • Internal pentesting
  • Mobile application pentesting (Android and iOS)
  • Attack surface scanning and monitoring
  • Cloud assessments and configuration reviews
  • Hardware Build Reviews
  • Support senior team members in the delivery of red team assessments (end to end, breaching the perimeter, assumed breach, bespoke)
  • Red teaming
  • Support senior team members in the delivery of red team assessments (end to end, breaching the perimeter, assumed breach, bespoke)

Delivery:

  • Deliver findings in a range of formats, including written reports, presentations, and verbal briefings

Training:

  • Support the development and delivery of cyber security training packages on a range of topics
  • Deliver client training on phishing/awareness/general cyber topics.
  • Threat Intelligence
  • Keep abreast of threat intelligence developments, threat actor activity and security industry developments in mitigations and tooling

Mentoring and technical leadership

  • Provide oversite, shadowing and knowledge sharing opportunities for pentesting to other team members
  • Participate in monthly knowledge sharing sessions
  • Gain an understanding of our cyber services outside of offensive security (incident response, cyber advisory, digital forensics) and support with offensive security skills where required
  • Identify and address internal capability gaps with the support of senior team members

Requirements

We are looking for an individual who has 8 or more years’ experience in pentesting and offensive security consulting across multiple areas including:

  • Web/API testing
  • Internal network and Active Directory
  • External infrastructure and VA
  • Cloud (AWS/Azure/GCP)
  • AI security testing (nice to have)
  • Red Team assessments and familiarity with modern detection/evasion techniques (nice to have)

Experience:

  • Experience working within security consulting, with good client-facing skills including report writing, briefings and general comms.
  • Experience mentoring or line managing more junior members of a team.

All candidates must have permission to work in Malaysia by the start of their employment.

OUR BENEFITS

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:

    Want to see the full job description?

    Sign in to view the complete details and apply to this position.

    Job details

    Workplace

    Office

    Location

    Kuala Lumpur

    Experience

    SE

    Similar

    Jobr Assistant extension

    Get the extension →