Offensive Security Engineer
SGP - Central Singapore - Corp - Temasek Blvd
PayPal
Verwende dein PayPal-Konto, um zu bezahlen, Geld zu senden und zu verwalten. Oder erstelle dir ein Händlerkonto für dein Unternehmen. Und noch vieles mehr.The Company
PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy.
We operate a global, two-sided network at scale that connects hundreds of millions of merchants and consumers. We help merchants and consumers connect, transact, and complete payments, whether they are online or in person. PayPal is more than a connection to third-party payment networks. We provide proprietary payment solutions accepted by merchants that enable the completion of payments on our platform on behalf of our customers.
We offer our customers the flexibility to use their accounts to purchase and receive payments for goods and services, as well as the ability to transfer and withdraw funds. We enable consumers to exchange funds more safely with merchants using a variety of funding sources, which may include a bank account, a PayPal or Venmo account balance, PayPal and Venmo branded credit products, a credit card, a debit card, certain cryptocurrencies, or other stored value products such as gift cards, and eligible credit card rewards. Our PayPal, Venmo, and Xoom products also make it safer and simpler for friends and family to transfer funds to each other. We offer merchants an end-to-end payments solution that provides authorization and settlement capabilities, as well as instant access to funds and payouts. We also help merchants connect with their customers, process exchanges and returns, and manage risk. We enable consumers to engage in cross-border shopping and merchants to extend their global reach while reducing the complexity and friction involved in enabling cross-border trade.
Our beliefs are the foundation for how we conduct business every day. We live each day guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Together, our values ensure that we work together as one global team with our customers at the center of everything we do – and they push us to ensure we take care of ourselves, each other, and our communities.
Job Description Summary:
This offensive security engineer will lead and execute security engagements that combine both red team and purple team methodologies. Your role will involve designing and executing sophisticated cyberattacks, simulating advanced persistent threats and collaborating closely with the defense (blue) teams to improve detection, response, and overall security posture. You will work to challenge, assess, and enhance the organization’s security operations, ensuring that defenses are robust and responsive to current and evolving threats.Job Description:
Key Responsibilities:Red Team:
- Execute adversarial simulations mimicking real-world threat actors (APTs, insider threats, etc.).
- Research and simulate evolving cyber threats, vulnerabilities, and tactics, techniques, and procedures (TTPs) of adversaries.
- Develop custom scripts, tools, and payloads to bypass security controls and detection.
- Identify security weaknesses and vulnerabilities across systems, networks, and applications.
- Evade detection while conducting stealthy operations to assess the maturity of monitoring capabilities.
Purple Team:
- Collaborate with the blue team to optimize detection and response mechanisms.
- Facilitate knowledge sharing and training during real-time testing engagements, emphasizing skill development across red, blue, and purple teams.
- Test the effectiveness of existing security controls, offer insights for enhancement, and assist in adjusting strategies.
- Provide real-time attack/defense simulations to measure the accuracy and effectiveness of the blue team’s response.
Reporting and Documentation:
- Prepare detailed, actionable reports that communicate findings, risks, and remediation recommendations to both technical and non-technical stakeholders.
- Work with leadership to develop strategic security roadmaps based on testing results.
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent experience.
- 5+ years of experience in offensive security (Red Teaming, Penetration Testing, or related fields).
- Deep understanding of adversary tactics, techniques, and procedures (TTPs), such as those outlined by MITRE ATT&CK.
- Strong proficiency with offensive security tools (e.g., Cobalt Strike, Metasploit, Burp Suite, BloodHound, Mimikatz).
- Advanced experience in network and application penetration testing.
- Knowledge of both Windows and Linux operating systems, scripting (e.g., Python, PowerShell, Bash), and familiarity with cloud environments (AWS, Azure, GCP).
- Experience working collaboratively in a purple team environment with a focus on improving defensive capabilities.
- Strong analytical and problem-solving skills, with a proactive and collaborative mindset.
- Industry certifications such as OSCP, OSCE, CRTO, CRTP, CRTE, CEH, GPEN,GXPN or similar.
- Experience conducting stealth red team engagements, including lateral movement, persistence, and data exfiltration.
- Proficiency in attack automation and tool development.
- Familiarity with blue team operations and defensive security technologies (SIEMs, EDR, IDS/IPS).
- Contributions to open-source security tools or published research on offensive security topics.
Additional Job Description:
Subsidiary:
PayPalTravel Percent:
0For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations.
Our Benefits:
At PayPal, we’re committed to building an equitable and inclusive global economy. And we can’t do this without our most important asset—you. That’s why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you.
We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit https://www.paypalbenefits.com.
Who We Are:
Click Here to learn more about our culture and community.
Commitment to Diversity and Inclusion
PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at talentaccommodations@paypal.com.
Belonging at PayPal:
Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal.
Any general requests for consideration of your skills, please Join our Talent Community.
We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don’t hesitate to apply.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation AWS Azure Bash Blue team Burp Suite CEH Cloud Cobalt Strike Computer Science EDR GCP GPEN GXPN IDS IPS Linux Metasploit MITRE ATT&CK Monitoring Offensive security OSCE OSCP Pentesting PowerShell Python Red team Scripting SIEM TTPs Vulnerabilities Windows
Perks/benefits: Flex hours Health care Insurance Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.