Security Consultant

About Theos

Our mission is to empower businesses to thrive in the new digital security age by helping define and execute strategies to achieve cyber resilience. Practical steps instead of silver bullets. We are a team of experts in key security domains, including Penetration Testing, Red Teaming, Managed Detection & Response, and Digital Forensics and Incident Response. 

We deliver premium security services to local and international clients in Asia, SMEs and enterprises by leveraging leading technologies and expertise that are traditionally only accessible to high end global customers, some of which are also our clients.

We value true Passion for Security, Innovation in our approach to Solutions and Services, and Continuous Development of our People.

Importantly, we deliver on our commitments.

We are seeing tremendous traction and aim to foster a collaborative, flexible working environment to enable the delivery of high value to customers. We are passionate about service and do not hesitate to go above and beyond the call of duty when necessary to ensure that we achieve the right outcome for our Customers and our People.

About the Role

Theos is seeking a Security Consultant - Red Team Operations to support and execute Red Team engagements, simulating real-world cyber threats to assess client security defenses.

Reporting to the Red Team Manager, this role involves assisting in engagements, conducting controlled security testing, and documenting findings for both technical teams and executive stakeholders. You will collaborate with senior operators to refine attack strategies, develop methodologies, and enhance security assessments. Additionally, you will stay current with emerging threats, contribute to tool development, and grow your skills through hands-on experience in offensive security.

Key Responsibilities

• Execute Red Team engagements for enterprise clients, simulating real-world cyber threats to assess security defenses.
• Conduct controlled security testing within the Rules of Engagement (RoE) while adhering to best practices.
• Assist in technical decision-making during engagements, supporting the development of attack strategies and methodologies.
• Prepare detailed technical reports and executive summaries, outlining security gaps, risk ratings, and actionable recommendations.
• Stay up to date on emerging threats, attack techniques, and industry trends to refine Red Team tactics.
• Contribute to tool development, scripting, and methodology improvements to enhance team efficiency.
• Collaborate with senior Red Team Operators to execute engagements, meet deadlines, and improve methodologies.
• Share knowledge with the security community through tools, presentations, white papers, and blogs.
  
  

Core Qualifications

• A minimum of 2 years' experience in security with a major focus on offensive security, within a consulting environment.
• The ability to articulate and explain technical scenarios and findings to a non-technical audience.
• Strong understanding of the MITRE ATT&CK Framework and Unified Kill Chain.
• Knowledge of Active Directory penetration testing tools, techniques, and methodologies.
• Expertise in reconnaissance, with skills in gathering and analyzing information about an organization's systems and networks.
• Ability to manage and work effectively with different stakeholders including project managers, developers, and non-technical app owners.
• Passion for cybersecurity and active participation in the security community.

Preferred Qualifications

• Certifications such as OSCP, OSEP, CRTO, CRTE, PNPT, or similar, are highly preferred.
• Basic skillset in creating and customizing malware for simulated attacks.
• Experience with coding and scripting languages such as C, C#, Python, PowerShell, and BASH.
• Experience or knowledge in conducting phishing attacks and building required infrastructure for phishing campaigns.
• Understanding of infrastructure automation using Terraform and Ansible.

Why Join Us? 

At THEOS Cyber, we believe that people are at the core of what we do. We are building one of the top cybersecurity firms in Asia by working with some of the best in the industry—or those who are driven to become the best. We work hard to create an environment where experts thrive, challenges drive growth, and work is genuinely enjoyable.

What you can expect:

• A flexible, remote work set-up
• Professional growth and career development
• Trainings & Certifications.
• High-end laptop
• Top-notch medical benefits 
  
• Work with top teams, experts and executives
• Supportive work culture

If you're looking for a role to hone and apply your skills as a security professional, this might be a role for you. 

About Your Application

• Answers to the screening questions matter a lot
• If you do not specify a desired pay and date available, your application will be disregarded.
• No visa or relocation is provided for this role.