Penetration Testing Team Lead - SG

Bitdefender is a leading cybersecurity firm dedicated to providing cutting-edge solutions to our clients. We support customers with a wide variety of technology and services which include our offensive security service offering, helping organizations identify and mitigate potential cyber threats through advanced testing and simulation techniques.

We are seeking an experienced and passionate Cybersecurity Pen Testing Team Lead (Manager) to join Bitdefender's Cyber Operations (Offensive Security) team, collaborating directly with our clients to conduct offensive security assessments.

The Pen Testing Team Lead will be responsible for leading and coordinating red team engagements within Bitdefender worldwide. They will oversee a team of skilled professionals dedicated to simulating real-world cyber-attacks to identify weaknesses in clients' security posture. The Team Lead will play a critical role in delivering high-quality services to clients and contributing to the growth of the service and reputation of the firm. Members of the Offensive Security team are generally familiar with most aspects of cybersecurity but specialize in web application security, network penetration test, mobile application security, red-teaming activity, phishing campaign, secure code review and cloud security and smart contract audits..

The role will be expected to support and work in close partnership with the Sales and Delivery Management team. They will facilitate pre-sales support and ensure the delivery of exceptional value to our clients, constantly exploring routes to improve services and positioning Bitdefender as a leader in the security landscape.

Key Responsibilities

• Leadership: Provide leadership and guidance to the Pen Testing Team, fostering a collaborative and high-performing team culture.
• Engagement Management: Lead the planning, execution, and reporting of red team engagements, ensuring objectives are met within scope, budget, and timeline constraints.
• Technical Expertise: Demonstrate advanced knowledge and proficiency in various offensive security techniques, tools, and methodologies.
• Client Interaction: Interface directly with clients to understand their security objectives, communicate findings, and provide actionable recommendations for improvement.
• Sales Support: Interface directly with Sales to support on client scoping to understand their security objectives and tailor an impactful and valuable solutions.
• Team Development: Mentor and develop team members, supporting their growth and skill enhancement in the field of offensive security.
• Continuous Improvement: Stay abreast of emerging threats, vulnerabilities, and industry best practices, integrating new techniques and tools into red team operations.
• Collaboration: Collaborate with other teams within the firm, such as Sales, Delivery Management, and Research, to ensure alignment and maximize client value.
• Quality Assurance: Maintain high standards of quality and professionalism in all deliverables across the team, adhering to the firm's methodologies and standards.
• Travel: Willing to travel around and within South-east Asia and enjoy being out of their comfort zone.

Requirements

• Experience : Minimum of 4 years of experience in cybersecurity.
• Education (one or more of the following):
• Bachelor degree is computer science, information security or any related field
• OSCP, OSCE, OSWE, CREST CRT, CRTP, CCT INF, Cloud security experience
• Leadership Skills: Proven track record of leading and managing teams, with excellent communication, interpersonal, and conflict resolution skills.
• Communication: Strong communication, writing and interpersonal skills to collaborate with external and internal stakeholders
• Technical Proficiency: Deep understanding of offensive security principles, techniques (e.g. those in the MITRE ATT&CK), and tools ( such as Cobalt Strike, Burp Suite, Fortify, etc ) with hands-on experience in areas such as penetration testing, exploit development, and social engineering. Good competency in using scripting languages such as, Python, PowerShell, C#, C/C++, Go Lang
• Client Focus: Strong client-facing skills, with the ability to build and maintain relationships, understand client needs, and deliver impactful solutions in a clear manner.
• Analytical Thinking: Strong analytical and problem-solving skills, with the ability to think creatively and work independently with minimal supervision.
• Team Player: Collaborative mindset, with the ability to work effectively in cross- functional teams and contribute to a positive work environment whilst training and mentoring others in a leadership capacity.
• Ethical Standard: Commitment to ethical hacking principles, with a dedication to upholding client confidentiality and integrity in all engagements.
• Adaptability: Ability to thrive in a fast-paced, dynamic environment, with a willingness to adapt to changing priorities and challenges.
• Passion: Demonstrated passion for cybersecurity, evidenced by involvement in security initiatives outside of work, such as public disclosure of vulnerabilities or relevant awards from bug bounty programs.

Why Bitdefender

• We value technical competency (and development) in our consultants and the quality of work we deliver to our clients.
• There is an annual training budget allocated for each consultant to take up cybersecurity related courses/certifications.
• Dedicated research time to ensure you stay on the top of your game for the next client project.
• Opportunities to learn and perform a variety of security assessments beyond pen testing and red teaming/adversary simulations such as; cloud security assessments, blockchain security and IoT testing. Opportunities to collaborate with defensive disciplines such as threat hunting are also available.
• We have an awesome delivery team that will help minimize distractions and allow you, our consultant, to focus your efforts on the assessment.
• Work with and learn from fellow similar-minded colleagues from countries such as Singapore, Indonesia, Europe, United States with our HQ in Romania.