About Our Client
A MAS-licensed payment service provider bridgingtraditional finance and digital assets, enabling businesses to transact seamlessly in both fiat and digital currencies across borders. Named one of Singapore's Top 10 Startups on LinkedIn Top Startups 2025.
The Role
We're looking for a Red Team Manager to lead our offensive security function - a team of ethical hackers tasked with simulating real-world threat actors across our environments. This is a hands-on leadership role: you'll run engagements yourself while building and managing the team, owning the programme, and translating findings into concrete risk outcomes for senior stakeholders.
What You'll Do
- Plan and execute full-scope red team engagements across network, application, cloud, mobile, and physical vectors
- Lead purple-team exercises with the SOC and Blue Team to test detection and response
- Manage the bug bounty programme end-to-end, including triage and remediation coordination
- Maintain red team infrastructure (C2 frameworks, phishing simulation platforms) to production-safe standards
- Hire, mentor, and develop a team of operators, pentesters, and threat intelligence analysts
- Translate findings into risk statements aligned with ISO 31000 and NIST RMF contribute to board-level risk reporting
- Ensure engagements comply with MAS TRM, PDPA, GDPR, UK GDPR, and other applicable regulations across our operating jurisdictions
- Produce executive and technical reports with clear risk ratings, business impact narratives, and remediation roadmaps
Requirements
- Degree in Computer Science, Information Security, or equivalent
- 8+ years of hands-on offensive security experience, with at least 3 years in a leadership or management capacity
- Proven expertise across web apps, cloud (AWS/Azure/GCP), mobile (iOS/Android), APIs, and internal networks
- Experience working in a regulated financial services or payments environment
- Working knowledge of MAS TRM, GDPR, UK GDPR, FCA Operational Resilience, and DORA
- Proficiency with red team tooling: Cobalt Strike/Brute Ratel, Sliver, Metasploit, Burp Suite Pro, BloodHound, Impacket scripting in Python, C#, or PowerShell
- Strong communicator - able to present technical findings clearly to non-technical executives and board members
Preferred: OSCP/OSED/OSWE, CRTO, GXPN, CISSP, CISM, CRISC prior TIBER-EU or iCAST experience exposure to blockchain or digital asset infrastructure
About Us
Dada Consultants was established in 2017, with the commitment of providing the best recruitment services in Singapore. We are comprised of a dynamic head-hunting team dedicated to sourcing for highly competent professionals in IT industry. We provide enterprises with customized talent solutions, and bring talents to career advancement.
www.dadaconsultants.com
EA Registration Number: R2197058
Business Registration Number: 201735941W. Licence Number: 18S9037
