Offensive Security Associate Manager

ALTO Network is a leading payment infrastructure provider as well as the pioneer in payment solution by always bringing the most innovative and impactful technology to connect merchants or financial institutions with their customers to grow their businesses nationwide and beyond.

Role Purpose Leading offensive security operations, including penetration testing, red teaming, and vulnerability assessments.

Key Responsibilities

• Lead and manage a team of offensive security professionals, including penetration testers, red team members, and vulnerability analysts. Provide mentorship, training, and performance feedback to team members.
• Collaborate with cross-functional teams, including IT, development, and operations, to prioritize and remediate security vulnerabilities identified through offensive security testing. Communicate findings and recommendations to technical and non-technical stakeholders.
• Plan, coordinate, and execute offensive security operations, including penetration tests, red team exercises, and vulnerability assessments, to identify and exploit security weaknesses in our systems, networks, and applications.
• Continuously assess and improve offensive security practices, methodologies, and tools based on industry trends, lessons learned from previous engagements, and feedback from stakeholders.
• Risk/Findings audit to be fulfilled
• Ensure staff are informed and trained to support good corporate governance in their specific areas of work.

Knowledge

• Penetration Testing: In-depth knowledge of penetration testing methodologies, including reconnaissance, enumeration, exploitation, post-exploitation, and reporting.

• Red Teaming: Understanding of red teaming techniques and tactics to simulate real-world cyber attacks and assess an organizations security postureVulnerability Assessment: Proficiency in conducting vulnerability assessments across various attack surfaces, including networks, systems, applications, and cloud environments.

• Vulnerability Assessment: Proficiency in conducting vulnerability assessments across various attack surfaces, including networks, systems, applications, and cloud environments.

• Exploit Development: Familiarity with exploit development techniques and methodologies to identify and exploit security vulnerabilities.

• Scripting and Programming: Proficiency in scripting and programming languages such as Python, PowerShell, or Bash for automation, tool development, and exploit scripting.

• Regulatory Compliance: Understanding of relevant laws, regulations, and industry standards related to offensive security testing, including legal and ethical considerations.

• Cybersecurity : Knowledge of cybersecurity principles, practices, technologies, and regulatory requirements.

Technical

• Penetration tests, vulnerability assessments, and security audits (VAPT)
• Red teaming exercises and adversarial simulation techniques.
• Metasploit , Burp Suite, Nmap
• Scripting languages (e.g., Python, PowerShell)
• MobSF (Mobile Security Framework)
• Drozer
• OWASP Mobile Security Testing Guide (MSTG)

Non-technical

• Collaborative Leadership
• Time Management Skills
• Vision and Strategy
• Conflict Management Skills
• Emotional Resilience

Experience in leading and managing offensive security operations, including penetration tests, red team exercises, and vulnerability assessments.Experience with threat intelligence analysis, security research, and incident response support.Minimum of 3 years of experience in offensive security roles, with at least 2 years in a leadership or supervisory position.

Bachelors degree in computer science, information security, or a related field. Masters degree preferred.Offensive Security Certifications: Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), or similar certifications highly desired.

Information :

• Company : PT ALTO Network
• Position : Offensive Security Associate Manager
• Location : Jakarta
• Country : ID