Job Detail

Lead Red Team Analyst (Remote)


Job Description

We are looking for passionate offensive security experts to join us in the watchTowr Labs team, as Lead Red Team Analysts - and help find innovative, unique vulnerabilities at scale across our client base. This is a role with both remote and Singapore-based options!

watchTowr Labs is our epicentre of offensive security expertise, and has been designed to operate like an APT group. This is not consultancy work, project-based work, or engagements restricted by scope/time/budget. Enterprises rely on our technology and approach to look at their organisations holistically, and continuously, as if they were being continuously red-teamed.

If something is exposed to the Internet - whether it’s SaaS, cloud, shadow IT, or the random marketing website everyone forgot about presents a weakness to their organisation - it’s our job to discover it, highlight it, and hack it.

This is the opportunity to use your expertise and creativity to continuously find ways to break into some of the world and region’s largest brands, enterprises and businesses - and not be limited by a scope, time restrictions or repetitive client engagements.

Sounds great – what will I do?

  • You will spend your days hacking - or professionally put, “looking for innovative, high-impact vulnerabilities in numerous organisations to fuel our engine”. No scope, no time restrictions, no limitations.
  • You will be focused on looking for the vulnerabilities that matter - high-impact weaknesses that would have a material impact on our clients. We don’t care about weak SSL ciphers, we care about Remote Code Execution.
  • You’ll work with other offensive security experts to share ideas and brainstorm new tactics and techniques that we can use to demonstrate high-impact weaknesses in organisations.
  • You’ll be performing cutting-edge offensive security research to build and test your own high-impact tactics and techniques. Our research has one goal - strengthen external attack surfaces.
  • By working closely with our Red Team Engineers, your tactics and techniques will be deployed at scale to all of our clients, and implemented into our technology - our message is very clear, never do anything twice, let our technology provide the harness and continuous framework you need.
  • If your dream is to speak at conferences and present your research to the world - we will support you to make it happen!

Job Requirement

Ideal Experience

Ideally, you should have 3 or more years of experience, with:

  • Involvement in red-team exercises with large enterprises.
  • You know how you'd break into enterprises without a known vulnerability or a CVE.
  • Prolific experience in the bug bounty space - unclear scopes, thinking outside of the box is your game.
  • Have basic scripting skills in GoLang and/or Python.
  • Hold industry-recognised qualifications, like CCSAS/CCT/CRT/OSCP.
  • Driven by your own passion and initiative - you understand the mission, and don’t need someone to guide you.


Full Name*
Email address*
Upload a different Resume (Your application will be submitted using this resume instead)
Choose a file
Only .pdf is allowed