GO BACK
Red Team & Sec Test / Specialist-Hangzhou / Jakarta
Department:
Technology
Location:
China
Department: Technology
Location: China
Job Description
Execute sophisticated adversary emulation campaigns that mirror real-world threat actors. You'll be the attacker that helps make our defenses stronger.
Core Responsibilities
● Plan and execute full-spectrum red team operations using MITRE ATT&CK® & ATLAS frameworks
● Simulate advanced persistent threats across web, mobile, cloud, and enterprise environments
● Bypass cutting-edge security controls (EDR, NDR, WAFs, SIEM/SOAR) to test real-world resilience
● Develop custom exploits and tools in Python, Go, C#, PowerShell, or Rust
● Collaborate with Blue Teams in Purple Team exercises to enhance detection capabilities
● Research emerging threats targeting e-commerce platforms
● Deliver actionable findings to technical teams and executives

Attack Domains
● Web & API: Business logic flaws, SSRF, OAuth/JWT attacks, injection vulnerabilities, OWASP top 10.
● Mobile: iOS/Android: reverse engineering, OWASP MASTG
● Cloud & AD: Multi-cloud attacks (AWS, GCP, Azure), Kerberoasting, DCSync, Golden Ticket attacks
● Emerging Tech: AI/ML systems, serverless, containers, identity frameworks
Job Requirements
What You Need
Required Experience
● 5-8+ years in offensive security (Red Team, Penetration Testing, Adversary Emulation)
● Deep expertise in at least 3 domains: Web/API, Cloud, Active Directory, Mobile, or AI/ML security
● Proficiency in Python, Go, C#, PowerShell/Bash for exploit development
● Hands-on experience with C2 frameworks (Cobalt Strike, Havoc, Sliver), Metasploit, Burp Suite Pro
● Strong understanding of Windows/Linux internals, networking, and enterprise architectures
● Experience with MITRE ATT&CK® and / or ATLAS® framework and Purple Team engagements
Preferred
● Advanced certifications: OSEP, OSWE, OSED, GXPN, CRTE/CRTO, CCT Web/INF
● Public security contributions: CVEs, open-source tools, conference talks, research
● Experience with AI/LLM security, blockchain, IoT, or e-commerce platforms
● Bachelor's in Computer Science, Cybersecurity, or equivalent experience

What Makes You Great
● Adversarial mindset: Creative and persistent in finding non-obvious attack paths
● Technical depth: Can develop custom exploits and explain complex risks clearly
● Collaborative: Committed to making Blue Teams stronger through your attacks
● Ethical: Unwavering professionalism with sensitive systems and data
● Continuous learner: Passionate about pushing offensive security boundaries
Ready to be the threat that makes us stronger? Join our team !
Application Form
First Name
Last Name
Email
Country code
Mobile
Current location
Education
Linkedin
Why are you applying to Lazada?
Upload resume
Select file
Nothing is selected
Only supports docx, jpg, pdf, jpeg, png. File size maximum 5MB. File Name maximum 300 characters.
Upload additional document
Select file
Nothing is selected
Only supports docx, jpg, pdf, jpeg, png. File size maximum 5MB. File Name maximum 300 characters.
RECRUITMENT INFORMATION NOTICE
captcha
© Lazada Group.