Offensive Security Lead, Penetration Testing Section -Security Assurance Department (RM Security Eng. & Ops Div)

Job Description:

About Organization

Security Assurance Department is responsible for maintaining organization wide security. The department has four sections of which Penetration Testing section is in-charge of performing red teaming, regular black-box, white box, and grey box tests on all network functions and devices, conducting in-depth penetration tests as well as keeping up with recent weaknesses and vulnerabilities. The team is also responsible of verifying software security for any source code developed by Rakuten Mobile, security testing of Apps and security testing of Rakuten Mobile devices.

Job duties

We are looking for a Security Engineering professional who will conduct offensive security engagements, lead a team of cybersecurity professionals, develop strategies to improve the organization's security posture, and ensure compliance with relevant laws and regulations.

• Conducting infrastructure and application penetration tests and red team exercises.

• Designing and implementing simulated attacks to identify potential security vulnerabilities.

• Leading and managing a team of cybersecurity professionals.

• Developing strategies for improving the organization's security posture.

• Collaborating with the IT and security teams to address security vulnerabilities.

• Staying up to date with the latest trends and developments in cybersecurity.

• Preparing reports detailing the results of simulated attacks and making recommendations for improvements.

• Providing training to employees on cybersecurity best practices.

• Ensuring compliance with relevant laws, regulations, and industry standards.

• Assisting in the development of security policies and procedures.

Minimum Qualification

• Bachelor's degree in computer science, information technology, cybersecurity, or a related field.

• 10+ years of experience in offensive security, with at least 5 years in a leadership role.

• Strong knowledge of various hacking techniques and the ability to think like a hacker.

Preferred Qualification

• Cloud Security experience in GCP, AWS, and Azure.

• Knowledge of Containerization, Kubernetes, and Docker.

• Resilient and approachable with the ability to work successfully in a dynamic, fast-paced environment.

• Experience in CTF competitions or Bug Bounty programs.

• Experience in Web and mobile (iOS/Android) application testing.

• Experience in malware analysis/reverse engineering.

• Experience in Internet of Things (IoT) security and exploitation.

• High responsibility, professional mindset.

• Experience in performing log analysis and incident responses.

• Ability to work under pressure.

• A self-starter able to work independently but comfortable and effective working in a team environment.

Languages: