What makes the role special

Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company’s DNA, shaping its technological capabilities to defend businesses and citizens and to support law enforcement operations.

Group-IB’s Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities.

Each of us can help make the world a safer place. Join us!

ABOUT THE ROLE:

Think like an adversary — identify and exploit complex, real-world attack paths beyond automated tooling.

Be ready to do deep manual testing, multi-stage exploitation, and custom proof-of-concept development across diverse technologies and environments (not just run scanners).

Tasks to solve

  • Conduct external and internal penetration testing and vulnerability assessment activities
  • Conduct social engineering campaigns
  • Assess wireless security
  • Participate in red teaming exercises
  • Internal research and development

This role is perfect for you if you have

  • At least 2 years of experience in Offensive Security
  • Strong technical background in computer networks, operating systems and programming
  • Strong scripting skills in one or more languages (Python, Go, PowerShell, Bash, Ruby, Perl, Lua)
  • Practical knowledge of web vulnerabilities and complex exploitation
  • Practical knowledge of network service vulnerabilities and exploitation
  • Experience getting initial access (both through technical means and social engineering campaigns)
  • Experience operating C2 frameworks (open-source and commercial)

What else we appreciate in our team

  • exploitation in heavily monitored and protected environments)
  • Malware development experience (writing shellcode loaders, obfuscating and customizing commonly used pentest and red teaming tools)
  • Cloud platforms familiarity: Azure, AWS, GCP
  • Knowledge of blue team detection and response procedures and capabilities, or experience working in BT
  • Programming skills in one or more low-level languages (Asm, C/C++, etc.)
  • Reverse engineering and vulnerability research skills
  • Specialized knowledge such as OT, SS7 and IoT networks, embedded systems and similar subcategories of offensive security
  • Certifications such as OSCP, OSEP, CRTO, OSWE, OSED and similar
  • Public research, tools, conference talks
  • Discovered vulnerabilities with high/critical impact or in commonly used products