Penetration Tester & Intel Jobs

Introduction to Lazada

At Lazada, we want to make a positive impact by accelerating the progress of Southeast Asia through commerce and technology. As a part of the Alibaba family, we believe in empowering all aspiring entrepreneurs by making it easy to do business anywhere. Our ecosystem of brands, sellers and customers in the region aims to transform the way businesses run so our customers lead better lives. We believe we can better achieve that with a great team. If you are bold and can be your authentic self, let's explore ways of shaping the future together.

Team introduction:

The Lazada Security and Enterprise Intelligence department is responsible for protecting the eCommerce activities of over 560 million consumers, more than 155,000 sellers (merchants), and the 3,000 brands on Lazada’s growing ecosystem. We are increasing our investment in business security and significantly expanding our team. This is an exciting opportunity to be part of and shape the future of a strategic group within Lazada.

Key Responsibilities:

• Identify fraud modus operandi being actively discussed by cyber criminals
• Conduct target research on cyber criminals abusing Lazada platform with the aim to provide real-life identifiers to Law Enforcement / Legal teams for enforcement/legal action
• Collaborate with and support the investigations of other BizRisk Operations teams
• Identify technical vulnerabilities and how they are being used to abuse Lazada’s platform for fraud
• Work with security operation teams to simulate threats and verify security controls
• Lead initiative with stakeholders from other departments to implement risk controls or fix vulnerabilities that were uncovered
• Conduct threat intelligence exercises and evolving threat actors’ Tactics Threats Procedures (TTP) to be used as a part of simulation exercises

Key Skill, Qualifications, Experience requirements:

• Min 3 years' experience in a similar role that requires knowledge of cybersecurity, technology controls, networking concepts,
• Source Intelligence (OSINT) gathering and/or analysis, Media Intelligence (SMI/SOCMINT) gathering and/or analysis, Intelligence (HUMINT) analysis, Intelligence (SIGINT) analysis and Intelligence (CYBERINT) analysis.
• Bachelor's Degree in Computer Science, Computer Engineering, Cybersecurity, or similar work experience in a related field
• Excellent communication skills, with the ability to articulate complex threat information to technical and non-technical audiences with little to no oversight.
• Specialist training, experience or skills in one or more of the following:
• Strong, demonstrable knowledge of Cybercrime, cyber-enabled fraud and a deep understanding of the principles of intelligence gathering and analysis, especially in the Deep and Dark Web
• Demonstrated understanding of recent cyber trends, campaigns, incidents and threat actor groups
• Daily monitoring of fraudsters move, testing on cheating tools found on fraudsters group, handle feature testing and competitor benchmarks.