Red Team Engineer

at  Mediacorp Pte Ltd

ABOUT US

Mediacorp is Singapore’s largest content creator and national media network, operating a suite of TV channels, radio stations, and multiple digital platforms. Its mission is to engage, entertain, and enrich audiences by harnessing the power of creativity.
We are committed to creating an inclusive and diverse workplace where talent thrives. Our hiring decisions are made based on merit and fit-to-role. If you have a disability or special need which requires accommodation to participate in the recruitment process, please inform us when you submit your online application. We will be happy to support as necessary.

JOB DESCRIPTION

The Red Team Engineer is a member of the Vulnerability Management & Red Team which is responsible to ensure the readiness and effectiveness of cybersecurity controls. The team is responsible for performing vulnerability assessments, tracking vulnerabilities, prioritising remediation efforts, and ensuring effective vulnerability management processes are implemented in accordance with industry standards and compliance frameworks. In addition, the team perform various types of security testing to identify and propose solutions for security issues. Furthermore, the team works with internal stakeholders to propose security controls for long-term solutions.

QUALIFICATIONS

• Degree in IT, Engineering or other related field preferred
• Minimum 2 years experience
• Possess OSCP/OSCE/CREST/ GIAC or other industry recognized certification, or able to obtain one in within six months of joining
• Experience in networking or app development, cybersecurity monitoring or incident response and working knowledge of networking and network protocolsTCP/IP, UDP, ARP, DNS, and DHCP
• Familiar with system administration on various operating systems flavours (Linux and Windows), good knowledge of scripting and coding (eg Python, Java, .NET, Bash and PowerShell), and common pentest and application security tools (eg Kali, Metasploit, Wireshark, Bloodhound, TinyShell, etc.)
• Candidates who have prior experience on system exploits and security vulnerabilities (eg OWASP, MITRE framework), Cyber Kill Chain, Active Directory, AWS and Azure environment would be advangetous

RESPONSIBILITIES

• Perform vulnerability assessment and penetration tests (VA/PT) as part of pre-commissioning security assessments (PCSA), analyse the results, and provide actionable recommendations to stakeholders
• Coordinate and facilitate vulnerability management activities, including vulnerability scans, penetration testing, risk assessments and tracking of remediation efforts
• Monitor and assess the health of vulnerability management system and provide regular reporting to stakeholders
• Conduct research on identified threats, and develop TTPs and exploits to emulate these threats on the Mediacorp environment
• Participate in purple-team exercises to improve Blue Team’s detection capabilities
• Conduct red team exercises to stress test controls and the Blue Team
• Provide guidance and support to other teams on vulnerability management activities, including recommending security controls, patching, and system configuration changes
• Maintain pen-testing, attack infrastructure and vulnerability management tools used
• Support security architecture reviews of projects, if needed