Cyber Security Researcher

**Hello, let us introduce ourselves**

We are watchTowr, an early-stage VC-backed cyber security startup headquartered in Singapore. We’ve recently raised US$2,250,000 in seed funding and we’re now looking to scale up rapidly in line with our traction.

Cyber security veterans and technical experts, we are obsessed with building exciting technology for some of the world’s most targeted organisations. By leveraging data, our aim is to empower organisations to keep up with the rapid rate of evolution across the cyber security industry, by providing continuous and real-time assurance in line with a frontline adversarial understanding of cyber security.

We are a young, high-energy and high-performing team that is devoted to building world-class technology in pursuit of realising our mission. We are in a high and aggressive growth phase of our journey, and are excited to continue adding colleagues to join our phorce of nature.

**But what’s the role?**

We are looking for offensive security experts to expand our watchTowr LABS team, and work with us to evolve our Continuous Attack Surface Testing technology. watchTowr LABS is our epicentre of offensive security expertise, and has been designed to operate like an APT group.

This is not consultancy work, project-based work, or engagements restricted by scope/time/budget. Enterprises rely on our technology and approach to look at their organisations holistically, and continuously, as if they were being continuously red team’d.

If something is exposed to the Internet - whether it’s SaaS, cloud, shadow IT, or the random marketing website everyone forgot about presents a weakness to their organisation - it’s our job to discover it, highlight it, and track it.

This is the opportunity to use your expertise to continuously find ways to break into some of the world and region’s largest brands, enterprises and businesses.

Our vision for offensive security is continuous.

**Sounds great - what will I do?**
- You will spend your days looking for vulnerabilities in numerous organisations - no scope, no time restrictions, no limitations.
- You will be focused on looking for the vulnerabilities that **matter** - high-impact weaknesses that would have a material impact on our clients. We don’t care about SSL ciphers, we care about Remote Code Execution.
- You’ll work with other offensive security experts to share ideas and brainstorm new tactics and techniques that we can use to demonstrate high-impact weaknesses in organisations.
- You’ll be performing cutting-edge offensive security research to build and test your own high-impact tactics and techniques. Our research has one goal - strengthen external attack surfaces.
- Your tactics and techniques will be deployed at scale to all of our clients, and implemented into our technology - our message is very clear, never do anything twice, let our technology provide the harness and continuous framework you need.
- You will be analysing the technical details of emerging weaknesses, and rapidly building proof-of-concepts to identify vulnerable assets (we helped our clients react to Log4J in 2 hours).
- If your dream is to speak at conferences and present your research to the world - we will support you to make it happen

**Sounds perfect to me, what specifics are you looking for?**

**Ideal Experience**

Ideally, you should have 3 or more years of experience, with:

- Involvement in red-team exercises with large enterprises.
- Have basic scripting skills in GoLang and/or Python.
- Hold industry-recognised qualifications, like CCSAS/CCT/CRT/OSCP.

**Bonus Experience**

It’ll also be awesome if you have:

- Lead red-team and adversarial simulation exercises.
- Performed cyber-security simulations with actions across the kill-chain.
- Have published your own research, whether it be in blogposts or at conferences.
- Have demonstrated your skills across bug-bounty programmes.

**Our Experience**

When you join us, you can expect (ok, we kinda expect this from you too):

- A highly motivated, experienced, offensive cyber team that obsesses over our shared mission.
- To be part of a team of outcome-focused problem-solvers.
- An environment of autonomy and creativity to support you to deliver the best work of your life.
- Finding vulnerabilities and breaking technologies in various cool and creative ways.
- A culture of continuous improvement in the form of learning and growth.

**What’s in it for me?**
- **Competitive compensation -** we believe that hard work, skills and ambition should be fairly compensated.
- **Meaningful role in a company** - You will be a key and early contributor to a fast-growing cyber security business that helps protect some of the world's largest enterprises.
- **The best tools and powerful kit -** we enable you with the tools to effectively fulfil your role.
- **Endless opportunities -** we are in a high-growth phase of our journey, and plan to promote from within as we scale.
- **