Job descriptionOur Company
Finantier is a leading Open Finance platform in Southeast Asia. We are fintech geeks who are passionate about Open Finance and are excited to build the enabling infrastructure for financial inclusion. Our world-class products, such as account aggregation, e-KYC, alternative credit scoring, and payments initiation power the next generation of financial and digital services across Southeast Asia.
The Information Security team plays a critical role in supporting the company's vision to develop and lead the Southeast Asian Open Finance ecosystem by bringing secure and reliable capabilities in accordance with security practice principles without sacrificing the customer journey.
Vulnerabilities and threats are constantly present in a dynamic environment. According to certain studies and attack patterns, there is an attack every day that originates from common exploits or newly discovered vulnerabilities (0 days). The Offensive team, as part of the Security Operations team, is responsible for protecting vulnerabilities and threats from both internal and external sources.
We are searching for individuals for the offensive team that is ethical in their system testing, have strong offensive technical analytical abilities, and are skilled in technical social engineering. Furthermore, the offensive team is required to be able to function dynamically in companies that promote a research attitude. Additionally, the offensive team is anticipated to be able to make formal reports to stakeholders, including top-level management, in intelligible language.
- Designing and implementing an offensive security framework for Red teaming, Physical Assessments, Penetration Testing for Cloud, Network, and Application, Adversarial Threat Emulation, Social Engineering, Ethical Hacking, Vulnerability Assessment, Malicious Software Analysis, and Hardware Security Assessment.
- Collaborate with the CSIRT and the Blue Team to prevent and respond to a security issue.
- Providing adversarial action, method, and technique advice to Incident Response and Blue Teams.
- Create offensive plans with the rest of the Red Team to undertake security assessments and threat modeling.
- Red Team strategies and techniques for identifying vulnerabilities, evasive approaches for increasing security capabilities, and methodology are being researched and refined.
- Communicate the results and collaborate with internal stakeholders to establish remedies to safeguard the assets.
- Assist with the creation, testing, and deployment of bespoke attack tools intended to meet the demands of the Red Team.
- Demonstrate to generate detailed and accurate reports for technical and executive audiences.
- 3 - 4 years of expertise for the red or purple team.
- Bachelor's or Master's degree in Computer Science, Information Systems, or a related field is required.
- Having Offensive Certification such as OSCP, OSCE, CEH, OSWP, GPEN is a plus.
- In-depth knowledge of attack surfaces, as well as hands-on expertise with numerous Cybersecurity technologies and standards (MITRE ATT&CK framework is a plus)
- Strong understanding of the Offensive cycle and Red Teaming including Social Engineering.
- Strong knowledge of penetration testing, scripting languages (i.e Python, PowerShell), and offensive tools.
- Hands-on expertise with testing frameworks such as PTES and OWASP is required.
- Kept up to speed on the newest vulnerabilities and security trends.
- Knowledge of Windows client/server, Unix/Linux systems, Mac OS, and cloud technologies such as AWS, Azure, and Google Cloud is preferred.
- Knowledge of software development frameworks for online and mobile apps is required.
- Excellent writing and communication abilities, as well as attention to detail and critical thinking abilities.
- Extensive experience communicating difficult information in clear, short words.
You will thrive at Finantier if…
- You are hungry, humble, and eager to learn – you question the status quo and seek disruption
- You are comfortable with taking risks – you understand that it takes failing in order to succeed
- You thrive in fast-paced, fluid environments – growth excites you
- You like to get your hands dirty and take ownership over your work
- You work hard but like to have fun and don’t take yourself too seriously
- You are empathetic, kind, and respect others
Amazing teammates and working culture (we hope you love food as much as we do!) Work-from-home with periodic office work and travel Best-in-class health insurance, including covering immediate family Mental health support Highly competitive compensation
- Specialty coffee
- Group outing
Diversity, Equity & Inclusion
At Finantier, we are committed to fair treatment and equal access to opportunities of all employees, regardless of individual differences. Our hiring strategy focuses on individual skills and knowledge, and candidates will not be required to share about their race, religion, sexual orientation, age, marital status, and family background during the process. Furthermore, we encourage and support a diverse workforce at Finantier by sponsoring activities such as DEI training and language classes.