Security Penetration Testing Manager

About Kredivo:

Kredivo is a leading financial technology company in Southeast Asia,, committed to providing innovative financial solutions. As part of our commitment to security and data protection, we are dedicated to maintaining a robust security infrastructure, and the Security Penetration Testing Manager will play a pivotal role in ensuring the integrity and resilience of our systems.

If you meet the criteria above and are passionate about contributing to the security landscape of a dynamic fintech environment, we encourage you to apply.

Location: Singapore (travelling to Jakarta required)

Experience: Kredivo is seeking an experienced Security Penetration Testing Manager to join our regional Information Security team. The ideal candidate will possess 8+ years of industry experience in Southeast Asia, with a strong focus on application security and red teaming.

Technical Capabilities:

• Conduct thorough penetration testing against various systems, including web applications, mobile applications, networks (including wireless), and virtualisation infrastructures.
• Perform secure code reviews and vulnerability assessments to identify and exploit vulnerabilities.
• Lead red teaming exercises to simulate sophisticated cyber threats and evaluate defensive measures.

Leadership and Process Development:

• Manage and lead a team of penetration testers, providing guidance and mentorship to ensure efficient delivery of consulting services.
• Take the lead in penetration testing projects, effectively scoping and managing resources to meet timelines and objectives.
• Collaborate with cross-functional teams to integrate security practices seamlessly into the development lifecycle.

Process Development:

• Develop and refine processes for application security assessments, penetration testing, and red teaming activities.
• Define and enforce secure coding practices and guidelines to enhance the overall security posture of applications.
• Drive the implementation of security automation to streamline security processes.

Additional Requirements:

Candidates should meet one of the following criteria:

• Possess a Bachelor's degree in Computer Science, Information Technology, Programming & Systems Analysis, or a related field.

Certifications:

• Maintain relevant technical certifications such as OSCP (Offensive Security Certified Professional), OSCE3 (Offensive Security Certified Expert), OSEE (Offensive Security Exploitation Expert), GCIH (GIAC Certified Incident Handler), or CRT (Certified Red Teamer)

Language Proficiency:

• Proficient in English; additional proficiency in Bahasa is a plus, facilitating effective communication with diverse team members and stakeholders.