Responsibilities:
1. Capable of simulating external, internal, and phishing attack techniques, phishing simulations must delivery in Mandarin.
2. Attack simulation tools are strictly limited to open-source or commercial software not developed or manufactured in China.
3. The service methodology is based on internationally recognized frameworks (MITRE ATT&CK), with all attack activities and remediation recommendations mapped to MITRE TTPs and documented in the "Red Team Report."
4. The service scope is customizable to client requirements.
Requirements:
1. A minimum of 5 years' experience in Red Team services.
2. Proven track record of delivering Red Team services to financial industry clients across the Asia-Pacific region (verifiable evidence required).
3. More than 5 certified simulation attack experts with OSCP certification, including at least 2 experts with OSWE certification.
4. Simulation attack experts must not be Chinese nationals or located in China. Services are available between 07:00 AM and 19:00 PM (GMT+8), with on-site delivery in Taiwan if necessary.
5. Experts can conduct video conferences or email communications in Mandarin or provide a translator with cybersecurity expertise.
6. The service scope is customizable to client requirements.
Job Types: Full-time, Contract
Contract length: 12 months