Personal improvement and growth are taken seriously here. The flexibility to work on both proactive and reactive cyber security engagements has greatly expanded my exposure and abilities in serving our clients.
Senior Associate, Red Team Offensive Security, Cyber RiskHong Kong, Hong Kong SAR
What makes a successful Cyber Security employee at Kroll? Check out the traits we’re looking for and see if you have the right mix.
- Relationship expertise
- Technologically inquisitive
Kroll offers many career paths to support your immediate and future success.
Intern leads to Associate, Cyber Risk
Associate, Cyber Risk leads to Senior Associate, Cyber Risk
Senior Associate, Cyber Risk leads to Vice President, Cyber Risk
Vice President, Cyber Risk leads to Senior Vice President, Cyber Risk
Senior Vice President, Cyber Risk leads to Associate Managing Director, Cyber Risk
Associate Managing Director, Cyber Risk ends this path
At Kroll Cyber Risk, I find the collaboration and real sense of teamwork very inspiring. Personal egos are not encouraged! Communication with senior management is also straightforward and responsive. An excellent working environment.
Bill AndersonVice President, APAC Cyber Risk, Singapore
Opportunities for new cyber challenges, knowledge, and career growth are plentiful here. Not only is your success supported through regular professional training, the entire global team also contributes to information sharing via collaboration tools and weekly group presentations. We truly work as a global team and no one ever hesitates to step up and help.
David KloppAMD, Cyber Risk, Singapore
At Kroll you have the opportunity to learn different aspects of cyber security allowing you to develop a set of skills beneficial to your career growth and development. Kroll invests in cyber security and each employee can receive sponsorship for cyber training. In addition, they encourage a work life balance allowing you to do different things for yourself and the team.
Rick LiSenior Associate, Cyber Risk, Hong Kong
The Kroll Cyber team has a great culture. Everyone is down to earth and willing to help each other out. There are no big egos to contend with, which makes for a vibrant and collaborative working environment.
One of the significant differences between Kroll Cyber and other places I have worked is how easy it is to work across international teams. There are no bureaucratic processes; all it takes is a quick conversation to organise logistics.
Mark FarleySenior Vice President, EMEA Cyber Risk, London
Working for the group is awesome, from the amazing culture to a diverse range of projects undertaken. The benefits of being in a global team and collaborative knowledge sharing is unparalleled compared to competitors. Everyday can be different, however it typically consists of helping clients improve their cyber security, constant learning and problem solving.
Hassan MahmudAssociate, EMEA Cyber Risk, London
One of the things I appreciate most from being at this company is the feeling of support. Whether that be helping to develop my work product, ensuring I receive sufficient training, or affording me flexibility when life demands it, I always have the sense that Kroll has my back, and that is a valuable thing indeed.
Ben HawkinsSenior Managing Consultant, EMEA Cyber Risk, London
Ongoing training and development opportunities at all levels of the firm through programs such as Kroll, The Promote Program and Network of Women.
As a global firm, our benefits vary by country.
Be part of a flexible and diverse team that encourages and supports your personal and professional growth.
Senior Associate, Red Team Offensive Security, Cyber RiskJob ID 21006306 Hong Kong, Hong Kong SAR Apply now
Senior Associate, Cyber Risk – Hong Kong
Offensive Cyber Security: Proactive consulting, Red Teaming, Pen-Testing and ethical hacking.
In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business. We value the diverse backgrounds and perspectives that enable us to think globally. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.
Job Description/ Requirements:
This Offensive Cybersecurity role will involve working with our growing regional/global team to perform technical cyber security assessments, adversarial attack simulation and security research. The successful candidate will be able to demonstrate relevant experience, which would normally be expected to be a mix of both commercial experience and involvement in cyber related activities outside of work (e.g. personal professional research, industry group events, bug bounties, CTF exercises, etc.).
Kroll’s Cyber practiceworks on hundreds of matters a year, including on some of the highest profile cyber matters in the world. With experts based around the globe, supported by ground-breaking technology, we can help protect our client’s data, people, operations and reputation with innovative cyber risk assessments, investigations and reporting. We help enable organization to be more cyber resilient by preparing for and detecting incidents through risk assessments, penetration testing and threat detection/intelligence services. Our clients also count on us for quick and expert support in the event of a cyber breach or attack; we help clients – of all sizes –respond to incidents and restore stability through digital forensics, breach notification, and identity monitoring and restoration services for individuals affected by a data breach.
Our professionals balance analytical skills, deep market insight and independence to deliver solid, defensible analysis and practical advice to our clients. As an organization, we think globally. We create transparency in an opaque world, and we encourage our people to do the same. That means when you take your place on our team, you’ll discover a supportive and collaborative work environment that empowers you to excel. If you’re ready to share your perspective with the world and help deliver cutting edge cyber security work, then Kroll can offer you a unique experience.
- Deliver technical cyber security assessment services such as penetration testing, source code review, security architecture review, red/purple team exercises and tabletop exercises.
- Keep up to date with the latest exploitation techniques and procedures through research and access to our training platforms and intelligence sources
- Assist with writing and delivering presentations for diverse audiences, ranging from industry groups/ events to private industry clients
- Assist with DFIR investigations, as needed.
These qualities are considered most important to performing the role:
- Fluent in both Cantonese and English
- Demonstrated ability to conduct penetration testing, vulnerability assessments, red teaming
- Experience using open-source and commercial cyber security testing tools and frameworks
- Familiarity with CWE, CVSS, OWASP, Mitre ATT&CK frameworks and scoring systems
- Ability to work with minimal supervision and guidance
- Ability to quickly learn new tools and techniques and adapt to new environments
- A pro-active and results driven mindset with a desire to collaborate and learn
- Good written and spoken English skills
- Ability to communicate effectively with both technical and non-technical audiences
- A passion for “deep dive” on technical subjects and the ability to focus intensely on solving complex technical puzzles.
- Good time management and organizational skills
- Comfortable working alone or in small teams on very specialized engagements
Not essential, but candidates demonstrating the following qualities may be given priority selection:
- Bachelor’s Degree or higher in Computer Science, Engineering or other relevant field
- Software development and scripting experience
- Hardware engineering, maker or hardware hacking experience
- Be familiar or experienced with Active Directory security
- Good knowledge of Cloud technology and security
- Prior participation in CTF or Bug Bounty programs
- Creating or contributing to open-source software projects, media or groups related to cyber security.
- Prior experience presenting at meetups or conferences, delivering training or running workshops
- Public speaking experience
- Experience with DFIR or blue team / SOC experience
- Reverse engineering experience
- Vulnerability research experience and exploit development
- Possession of relevant accreditation such as CREST, OSCP, GIAC, CRTP/CRTE, CISSP, etc.
In order to be considered for a position, you must formally apply via careers.kroll.com.
Kroll is committed to equal opportunity and diversity, and recruits people based on merit.
- Senior Associate, Transaction Advisory Services London, United Kingdom
- Analyst, Valuation Services Atlanta, Georgia, United States
- Analyst, Real Estate Advisory Group Boston, Massachusetts, United States
- Senior Vendor and Risk Manager, Information Technology New York, New York, United States, Chicago, Illinois, United States