Principal Consultant, Offensive Security

Principal Consultant, Offensive Security

Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work to help our clients discover and remediate their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software. 

We're looking to grow our team of penetration testers in Vietnam. We perform testing of web and smartphone applications, computer networks, cloud infrastructure, hardware devices, employees via social engineering, organizations via red team testing, and more. 

As a Principal Offensive Security Consultant, you’ll be reporting to a Senior Vice President in our APAC Offensive Security team and deliver projects for some of the biggest enterprises in the world. You will perform various web application, API, mobile, and infrastructure penetration tests. You will also draft reports based on the assessment results and gathered evidence and help address client inquiries regarding these results. In addition to the execution of traditional security assessments, you will participate in their refinement and improvement. You will also play the role of career advisor and mentor for junior members of the team.  

Below are the roles and responsibilities for the Principal Consultant, Offensive Security role based in Hanoi:

Day to day responsibilities

• Lead the execution of consultative, offensive security, and cloud security engagements as a thought-leader in the eyes of the client and your teammates
• Solution and scope engagements for our clients, including penetration tests, consultative engagements, cloud security projects, and more
• Oversee the delivery of multiple engagements in parallel to ensure that junior members of the team can deliver and exceed client expectations
• Execute internal strategic initiatives to help our practice grow, adapt, and evolve
• Manage junior members of the team by conducting one-on-ones, providing feedback and coaching, and supporting their career growth

Essential Traits:

• 7+ years in cybersecurity, with at least 5 years in penetration testing, cloud security or red teaming 
• A strong understanding of offensive security methodology and vulnerability frameworks such as the OWASP Top 10, MITRE ATT&CK, PTES, or others 
• An ability to analyze root causes and deliver technological recommendations to our clients 

Prerequisites

• Bachelor’s degree or college diploma in information security, computer science or engineering, software engineering, or IT/System/Network administration 
• Excellent oral and written communication skills in English language. 
• Ability and willingness to work in shifts aligned to EST Time Zone
• Deep understanding of penetration testing, cloud security, or red teaming
• The capability to build and cultivate relationships with clients and colleagues 
• A proven ability to lead and deliver information security assessments that don’t always come with a playbook
• A deep understanding of application security, cloud security, infrastructure security, and other offensive or defensive security domains
• Demonstrated ability to manage and coach a team of ambitious information security phenoms

About Kroll

Join the global leader in risk and financial advisory solutions—Kroll. With a nearly century-long legacy, we blend trusted expertise with cutting-edge technology to navigate and redefine industry complexities. As a part of One Team, One Kroll, you'll contribute to a collaborative and empowering environment, propelling your career to new heights. Ready to build, protect, restore and maximize our clients’ value? Your journey begins with Kroll. 

Kroll is committed to equal opportunity and diversity, and recruits people based on merit. 

In order to be considered for a position, you must formally apply via careers.kroll.com.  

#LI-SP1