Principal Security Operation Engineer
On-site · Kuala Lumpur, Kuala Lumpur, Malaysia
Job Summary
Principal Security Operation Engineer responsible for developing and executing penetration testing, red-blue confrontation drills, and practical attack/defense exercises to identify security risks across enterprise networks, applications, and cloud environments. Leads or participates in red-blue exercises to assess defense capabilities, covering attack chains including extranet breakthrough, web vulnerability exploitation, phishing, privilege escalation, and lateral movement. Evaluates AI security for applications and model services, designs red team test cases, and contributes to automated tooling, security evaluation platforms, and reporting. Performs threat intelligence monitoring, risk assessment of external exposure surfaces, and improvements to detection rules, asset governance, and security baselines. Collaborates cross-functionally with blue team, infrastructure, R&D, and business units; produces detailed technical reports, attack paths, risk analysis, and remediation recommendations. Proficiency in common attack techniques, toolchains, operating systems, web frameworks, containers, and Kubernetes environments is required, along with strong documentation and problem-solving skills. Bonus points for cloud security and zero-trust, collaboration with AI-enabled security practices, and experience with automated red team platforms.
Required Qualifications
- 5+ years of experience in red team, penetration testing, security research, or offensive and defensive exercises
- Proficient in penetration testing and red team processes
- Experience with red-blue exercises and attack-defense drills
- Proficiency with security tooling (e.g., Sliver, Cobalt Strike, NPS, Burp Suite, Metasploit, Nmap, Masscan, Frida, Impacket)
- Familiarity with Windows, Linux, and macOS security
- Programming/scripting skills (Python, Go, Bash, PowerShell, JavaScript)
- Experience with AI security, large-scale model security, or security automation
- Ability to produce high-quality security reports and technical documentation
- Certifications such as OSCP, OSCE, CISSP, CEH, CCSP preferred
- Knowledge of MITRE ATT&CK, OWASP Top 10, NIST AI RMF