Associate, Cyber Risk, Offensive Security

**Associate, Cyber Risk - Singapore**

**Offensive Cyber Security: Proactive consulting, Red Teaming, Pen-Testing and ethical hacking.**

In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business. We value the diverse backgrounds and perspectives that enable us to think globally. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.

**Job Description/ Requirements**:
Kroll’s Cyber practice works on hundreds of matters a year, including on some of the highest profile cyber matters in the world. With experts based around the globe, supported by ground-breaking technology, we can help protect our client’s data, people, operations and reputation with innovative cyber risk assessments, investigations and reporting. We help enable organization to be more cyber resilient by preparing for and detecting incidents through risk assessments, penetration testing and threat detection/intelligence services. Our clients also count on us for quick and expert support in the event of a cyber breach or attack; we help clients - of all sizes -respond to incidents and restore stability through digital forensics, breach notification, and identity monitoring and restoration services for individuals affected by a data breach.

Our professionals balance analytical skills, deep market insight and independence to deliver solid, defensible analysis and practical advice to our clients. As an organization, we think globally. We create transparency in an opaque world, and we encourage our people to do the same. That means when you take your place on our team, you’ll discover a supportive and collaborative work environment that empowers you to excel. If you’re ready to share your perspective with the world and help deliver cutting edge cyber security work, then Kroll can offer you a unique experience.

**RESPONSIBILITIES**:

- Deliver technical cyber security assessment services such as penetration testing, source code review, security architecture review, red/purple team exercises and tabletop exercises.
- Keep up to date with the latest exploitation techniques and procedures through research and access to our training platforms and intelligence sources
- Assist with writing and delivering presentations for diverse audiences, ranging from industry groups/ events to private industry clients
- Assist with DFIR investigations, as needed.

**ESSENTIAL REQUIREMENTS**:
These qualities are considered most important to performing the role:

- Fluent in English and preferably one Asian language
- Demonstrated ability to conduct penetration testing, vulnerability assessments, red teaming
- Experience using open-source and commercial cyber security testing tools and frameworks
- Familiarity with CWE, CVSS, OWASP, Mitre ATT&CK frameworks and scoring systems
- Ability to work with mínimal supervision and guidance
- Ability to quickly learn new tools and techniques and adapt to new environments
- A pro-active and results driven mindset with a desire to collaborate and learn
- Good written and spoken English skills
- Ability to communicate effectively with both technical and non-technical audiences
- Good time management and organizational skills
- Comfortable working alone or in small teams on very specialized engagements

**DESIRABLE

**REQUIREMENTS**:

- Bachelor’s Degree or higher in Computer Science, Engineering or other relevant field
- Software development and scripting experience
- Hardware engineering, maker or hardware hacking experience
- Be familiar or experienced with Active Directory security
- Good knowledge of Cloud technology and security
- Prior participation in CTF or Bug Bounty programs
- Creating or contributing to open-source software projects, media or groups related to cyber security.
- Prior experience presenting at meetups or conferences, delivering training or running workshops
- Public speaking experience
- Experience with DFIR or blue team / SOC experience
- Reverse engineering experience
- Vulnerability research experience and exploit development
- Possession of relevant accreditation such as CREST, OSCP, GIAC, CRTP/CRTE, CISSP, etc.
- Kroll is committed to equal opportunity and diversity, and recruits people based on merit_

LI-CJ2

efin

LI-Hybrid