x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Jobs in Singapore   »   Jobs in Singapore   »   Legal / Public / Security Job   »   Offensive Security Engineer
 banner picture 1  banner picture 2  banner picture 3

Offensive Security Engineer

Paypal Pte. Ltd.

Job Description Summary:

This offensive security engineer will lead and execute security engagements that combine both red team and purple team methodologies. Your role will involve designing and executing sophisticated cyberattacks, simulating advanced persistent threats and collaborating closely with the defense (blue) teams to improve detection, response, and overall security posture. You will work to challenge, assess, and enhance the organization’s security operations, ensuring that defenses are robust and responsive to current and evolving threats.

Job Description:

Key Responsibilities:

Red Team:

  • Execute adversarial simulations mimicking real-world threat actors (APTs, insider threats, etc.).
  • Research and simulate evolving cyber threats, vulnerabilities, and tactics, techniques, and procedures (TTPs) of adversaries.
  • Develop custom scripts, tools, and payloads to bypass security controls and detection.
  • Identify security weaknesses and vulnerabilities across systems, networks, and applications.
  • Evade detection while conducting stealthy operations to assess the maturity of monitoring capabilities.


Purple Team:

  • Collaborate with the blue team to optimize detection and response mechanisms.
  • Facilitate knowledge sharing and training during real-time testing engagements, emphasizing skill development across red, blue, and purple teams.
  • Test the effectiveness of existing security controls, offer insights for enhancement, and assist in adjusting strategies.
  • Provide real-time attack/defense simulations to measure the accuracy and effectiveness of the blue team’s response.


Reporting and Documentation:

  • Prepare detailed, actionable reports that communicate findings, risks, and remediation recommendations to both technical and non-technical stakeholders.
  • Work with leadership to develop strategic security roadmaps based on testing results.

Required Skills & Qualifications:

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent experience.
  • 5+ years of experience in offensive security (Red Teaming, Penetration Testing, or related fields).
  • Deep understanding of adversary tactics, techniques, and procedures (TTPs), such as those outlined by MITRE ATT&CK.
  • Strong proficiency with offensive security tools (e.g., Cobalt Strike, Metasploit, Burp Suite, BloodHound, Mimikatz).
  • Advanced experience in network and application penetration testing.
  • Knowledge of both Windows and Linux operating systems, scripting (e.g., Python, PowerShell, Bash), and familiarity with cloud environments (AWS, Azure, GCP).
  • Experience working collaboratively in a purple team environment with a focus on improving defensive capabilities.
  • Strong analytical and problem-solving skills, with a proactive and collaborative mindset.
  • Industry certifications such as OSCP, OSCE, CRTO, CRTP, CRTE, CEH, GPEN,GXPN or similar.


Preferred Qualifications:

  • Experience conducting stealth red team engagements, including lateral movement, persistence, and data exfiltration.
  • Proficiency in attack automation and tool development.
  • Familiarity with blue team operations and defensive security technologies (SIEMs, EDR, IDS/IPS).
  • Contributions to open-source security tools or published research on offensive security topics.

Sharing is Caring

Know others who would be interested in this job?