Security Engineer – Offensive Security

Company Overview

We are supporting an opportunity with a leading Asia-based financial services organization with a strong presence across global markets. The company operates in a high-performance regulated environment supporting critical trading and enterprise platforms.

Role Summary

We are seeking a Security Engineer with 13 years of experience in offensive security red teaming or penetration testing. The role focuses on identifying vulnerabilities simulating real-world attacks and strengthening security controls across applications infrastructure and networks.

Key Responsibilities

• Conduct penetration testing across web applications APIs networks and internal systems
• Perform vulnerability assessments and provide clear remediation recommendations
• Support red team engagements and simulated attack scenarios
• Identify security weaknesses across cloud and on-prem environments
• Collaborate with engineering and infrastructure teams to improve security posture
• Document findings risk ratings and mitigation steps
• Assist in incident response and security investigations when required
• Stay updated with emerging attack techniques tools and threat intelligence

Requirements

• 13 years of experience in offensive security penetration testing or red team operations
• Strong understanding of OWASP Top 10 and common exploitation techniques
• Hands-on experience with tools such as Burp Suite Nmap Metasploit Wireshark etc.
• Good understanding of Linux systems and scripting (Python Bash or similar)
• Knowledge of networking fundamentals and system architecture
• Exposure to cloud platforms (AWS Azure or GCP) is a plus
• Relevant certifications (CEH OSCP eJPT) are an advantage but not mandatory
• Strong analytical problem-solving and communication skills