- Information Technology
- Singapore - Singapore
Join Dyson in an exciting opportunity to be part of our expansion into Offensive Security. We are recruiting a Penetration Tester. You will work in a specialist team which primarily focuses on investigating Dyson’s landscape (Web/Enterprise/IOT) for unknown security vulnerabilities to ensure Dyson’s reputation for quality is maintained.
About the roleAt Dyson we believe that when it comes to security you need both a good defence and a good offense. Our team is responsible for ensuring Dyson stays protected against both internal and external threats and we achieve this through Penetration Testing and Red Teaming.
The role will involve engaging with subject matter experts throughout the Enterprise to assess new and existing platforms and then enhance our security through Penetration Testing. When we’re not performing standard Penetration Tests we’re looking for new ways to improve Dyson’s security posture by asking ourselves “I wonder if” and then investigating the possibilities.
The role has the following responsibilities:
- Help manage and maintain Dyson’s bug bounty programme, ensuring reported vulnerabilities are assessed, investigated, triaged and resolved within appropriate timeframes
- Provide assurance through targeted security assessments and Ethical Hacking
- Work closely with development and operations teams to build security into the core of what we do
- Define cybersecurity best practices, processes, and workflows.
- Work to design and implement security controls into our products, including web and mobile apps as well as hardware.
- Drive continuous improvement in security and champion changes to the organisation
About youOn a day to day basis you could be engaging with any area of the business and as such this role requires a broad range of technical understanding across multiple avenues of technology. As well as this, a passion for security and understanding how we use technology to enhance our business is a must.
We would expect the following key competencies:
- Strong background in orchestrating and performing Penetration Testing, Vulnerability Assessments and Risk Assessments
- Ability to work well under minimal supervision and with a high degree of autonomy and responsibility.
- Team-oriented interpersonal skills, with the ability to communicate effectively with a broad range of people and roles, including vendors, IT and business personnel.
- Strong conceptual thinking and communication skills.
- Able to travel to world-wide sites across the enterprise.
A strong understanding in most of the following:
- Web & Mobile security
- Infrastructure security
- Defensive Coding & Code Analysis
- Penetration Testing
- Internet of Things (IOT) security
- Offensive Security (Red Teaming)
- API Security
- Cloud Services
- Compliance Standards (such as PCI-DSS)
- Bug Bounty programmes
- Programming and scripting languages
- At least 3 years of experience in Penetration Testing
- Experience in engaging with a wide business audience and being able to communicate at all levels, from support desk to Director
- Knowledge of common security methodologies and frameworks.
- A bachelor's or master's degree in computer science, information security or other related field; or equivalent work experience.
- A professional security certification, such as Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), or other similar credentials, is desired.
BenefitsDyson Singapore monitors the market to ensure competitive salaries and bonuses. Beyond that, you’ll enjoy a transport allowance and comprehensive medical care and insurance. But financial benefits are just the start of a Dyson career. Professional growth, leadership development and new opportunities abound, driven by regular reviews and dynamic workshops. And with a vibrant culture, the latest devices and a relaxed dress code reflecting our engineering spirit, it’s an exciting team environment geared to fuelling and realising ambition.
We are following the government guidelines regarding COVID19. At this time all interviews will be conducted via video or telephone. We’re taking these precautionary measures to protect both our employee and candidate wellbeing. Our Talent Acquisition team will work with you and provide further information as appropriate.