Penetration Testing/Red Team Consultant - Secureworks Japan - Tokyo/Otemachi
Secureworks Adversary Group
Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected world. Consistently recognized by industry analysts and readers' polls, we are one of the best in the world at understanding and anticipating threat behavior. We see 250 billion events every day across 4400 clients in more than 55 countries, and our solutions work across all the layers of a client's security environment, including 330 different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company's leadership in the cyber security industry.
Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about "what's next." We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
Role Overview
The Application Penetration Testing Consultant supports the Security and Risk Consulting /Technical Testing Team by applying information security threat intelligence to identify and exploit vulnerabilities within our client's environments. The focus areas for this role are web and mobile application penetration testing, API testing, and code review.
Role Responsibilities
-Conduct exploitation testing using off-the-shelf or self-developed exploitation tools and document findings for client remediation
-Produce and deliver vulnerability and exploit information to clients in the form of a professional security assessment report
-Conduct client conference calls to include, but not limited to project kick-off calls, notification of high/critical findings during the testing process, and close out calls to review test findings, evidence, process steps to reproduce, and remediation recommendations
-Perform proactive research to identify and understand new threats, vulnerabilities, and exploits
-Excel as both a self-directed individual contributor and as a member of a larger team
-Mentor and train fellow team members in new technologies and techniques
-Interface with Counter Threat Unit (CTU) and Incident Response (IR) teams
-Perform other essential duties as assigned
-Travel as needed to client locations primarily within the Tokyo area
-Lead Red Team projects
Requirements
-Minimum of 5 years of experience with security testing (Vulnerability Assessments, Web Application Testing, Network Penetration Testing, and/or Red Team)
-Minimum of 3 years of experience with at least one of the following: Burp Suite Pro, Metasploit, Kali Linux, Responder, Tenable (Nessus), AppScan, WebInspect, Powershell Empire
Preferences
-OSCP/E or GIAC GPEN, GWAPT, GXPN or similar preferred
-English language (basic to advanced)
-Operating systems administration and internals (Microsoft Windows / Linux)
-Understanding of TCP/IP networking at a technical level
-A Bachelor of Science degree in Computer Science, Computer Engineering, Electrical Engineering, or
a related technical field; or equivalent professional experience
-Experience with various application attack vectors, security test processes and strong knowledge of common vulnerabilities (i.e. OWASP Top 10)
-Working knowledge of SQL and high level languages
-Good technical communication skills, both written and verbal; good analytical and problem solving skills
-Significant plusses for one or more of the following: experience in social engineering, mobile or cloud application testing, experience with disassembly and debugging tools, exploit development, runtime malware analysis, testing embedded platforms and hardware security, ICS testing experience, and cryptography or cryptanalysis
-10+ years of professional experience in information security or related field
Location- Tokyo with the ability to work remote
職務概要
シニアセキュリティテスティングコンサルタントは、Security & Risk Consulting部門のテクニカルテスティングチームのリードとして、情報セキュリティの分野における各種攻撃についてのインテリジェンスを活用しながら、お客様のシステム環境内に潜在する脆弱性を検出し、さらにExploitまでを行っていきます。主な担当分野はWebアプリケーションやAPI、モバイルアプリケーション、プラットフォームの脆弱性診断や侵入テストです。
業務内容
応募要件
歓迎要件
勤務地:東京(リモートワークも可)
Read the full Equal Employment Opportunity Policy .
-
Tokyo Amazon Web Services Japan GK フルタイムあなたはシステムやワークロードをクラウドに移行する際の課題を解決できるセキュリティ・リスク・コンプライアンスに関わる専門家ですか?あなたはお客様やパートナー様がクラウドのアーキテクチャーを用いる際に情報セキュリティに関する要件に取り組むことを支援できるスキルをお持ちですか?あなたは最新のクラウドのサービスを学び、その知見を公共部門のお客様に役立てたいとは思いませんか? · Amazonは地球上で最も顧客中心の企業であることを目指しています。Amazon Web Services (AWS)は世界中の重要なビジネスアプリケーションに力を与える信頼性が高く ...
-
Tokyo 5000 Kyndryl Japan KK Full timeWho We Are · At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, in ...
-
Tokyo Snaphunt Full timeThe Offer · Flexible working options · Opportunity to make a positive impact · Great work environment · The Job · You will be responsible for : · Delivering client projects · Project management of cyber risk advisory engagements (e.g., running kick-off meetings, refining outputs ...
-
Security Consultant
1ヶ月前
Tokyo Amazon· アマゾンウェブサービス(AWS)プロフェッショナルサービスのセキュリティ,リスク,コンプライアンス(SRC)チームは有償のコンサルティング組織で,さまざまな業界の大手企業顧客と協力して,クラウドで安全かつ迅速にビジネス成果を達成します.当社のセキュリティコンサルタントは,プロジェクトベースのサポートを通じて,お客様のビジネス上の問題をより迅速に解決し,長期的なビジネス拡大を目的として,クラウドテクノロジーを促進する革新的なソリューションについて,お客様と協力して取り組んでいます. · AWS Professional Services SRC チ ...
-
DLP Consultant
4週間前
Shinjuku NEXUS CORPORATION【ポジション概要】:DLP(Data Loss Prevention)コンサルタントのポジションを募集しております · 当社が提供するセキュリティサービスはエンド・ツー・エンドで提供しているため、1つの領域だけでなく、さまざまなセキュリティの仕事に携わることができます。大手セキュリティベンダーとのグローバルパートナーシップがあり、最新の製品やサービスに関する知識をいち早く学ぶことができます · DLP(Data Loss Prevention)コンサルタントは、組織が機密データの不正な漏洩や不適切な利用を防ぐのを支援する専門家で、ビジネスのニーズとリスク ...
-
GRC Consultant
4週間前
Shinjuku NEXUS CORPORATIONJob Description: · 【概要】GRCコンサルタントのポジションを募集しております。当社が提供するセキュリティコンサルティングでは、顧客のセキュリティ戦略に基づき、様々なセキュリティ施策を支援・リードします · 例えば、ISMSの基準に基いた情報セキュリティマネジメントシステムの設計、導入、アセスメントやNISTフレームワークを使用して、リスク評価、リスク管理、アセスメント。また、セキュリティポリシー、プロセス、手順の策定、CSIRTの立ち上げやインシデント対応プロセス策定等を支援します · また、WP29(CSMS/SUMS)やPCID ...
-
Tokyo Fortinet Full timeLocation: Japan (Tokyo) · Role Overview: · The Consulting Systems Engineer is responsible for presenting and managing the pre-sales, enablement, go to market, and technical aspects of the Fortinet Solution proposition and service offerings to our most important partners and custo ...
-
Tokyo Recorded FutureWith 1,000 intelligence professionals, over $300M in sales, and serving over 1,800 clients worldwide, Recorded Future is the world's most advanced, and largest, intelligence company · Sr. Intelligence Consultant - Japan* English follows Japanese (日本語の後に英語が続きます) · Recorded Futureは ...
-
Tokyo Magnitude Consulting Full timeMagnitude Consulting is an IT Consultancy focused on sourcing exceptional talent across permanent recruitment throughout APAC, US & EMEA. Our team work around the clock, sourcing and developing both valuable candidates and clients to drive digital transformation and innervational ...
-
Sales Rep
7日前
Tokyo Entrust Japan Co., Ltd. Full timeThe Company: · Entrust relies on curious, dedicated and innovative individuals whom anticipate the future and provide solutions for a more connected, mobile and secure world. Entrust's technologies and expertise help government agencies, enterprises and financial institutions in ...
-
Tokyo Rakuten Full timeDescription · : Department Overview In Rakuten, security and safety of the Internet services of our group are guaranteed by the Cyber Security Defense Department (CSDD). CSDD covers all aspects of the Secure Development Life Cycle (SDLC) and operation security for all the servi ...
-
Tokyo Rapid7Rapid7 Cybersecurity Advisors partner with our customers above and beyond the tactical aspects of vulnerability management, application security, and threat detection and incident response. · You will work with your customers to increase their resilience against threats through ...
-
Tokyo Splunk IncWe are seeking an outstanding candidate to evangelize the business value of Splunk inside and outside the company. Be consultative on the value selling process with field sales teams and sales leaders supporting opportunities with new and existing Splunk customers. This is a grea ...
-
Tokyo FigmaFigma is growing our team of passionate people on a mission to make design accessible to all. , Figma helps entire product teams , design and build better products — from start to finish. Whether it's consolidating tools, simplifying workflows, or collaborating across teams and t ...
-
Tokyo Capital Group Full timeRole Summary: · The BDA position is an integral part of the sales team. You will work primarily with the Relationship Managers (RMs) responsible for developing Capital Group's business in one of Capital's priority markets in Asia. You will act as day-to-day contact between prospe ...
-
Tokyo MediaThe Opportunity · We are looking for a dynamic, high-performing Business Development Manager based in Tokyo with experience selling marketing technology, and/or other professional tech-based services to enterprise brands. You will be expected to provide a consultative experie ...
-
Tokyo Rakuten Full timeDescription · : Business Overview · With over 14 million accounts, Rakuten Bank is the largest internet bank in Japan. · Department Overview · The System Division is an organization that engages in all tasks related to our systems, such as planning, development, operations, m ...
-
Tokyo Palo Alto Networks Full timeJob Description · Your Career · As a SIEM Engineer for Cortex XSIAM, you will play a pivotal role in assisting our customers with seamless log migration and effective detection strategies. Working closely with the technical lead, you will ensure the successful onboarding and ing ...
-
Industy Lead
7日前
Tokyo TikTok RegularAbout the team · The Global Business Solutions (GBS) team is responsible for the revenue growth of the TikTok business, and our teams include Sales, Marketing, Ops, Account Managers, Agency and partnerships, as well as Marketing Science. At TikTok, our Global Business Solutions ( ...
-
Tokyo Palo Alto Networks Full timeJob Description · Your Career · You will be responsible for pre-sales SE work, proposing our latest SOC platform to customers. · Your impact · ・Cortex product group, which is the core of our cybersecurity (XDR that provides EPP, EDR, NDR, etc., improving security operations using ...