Cybersecurity Engineer (Binary Vulnerability) - Information Security

3-5 years
23 days ago 1 Applied
Job Description

Job Description:

  • Conduct cyber risk assessment (red team engagement) in support of technology initiatives to emulate the APT adversary scenarios, and help identify IT related risk and determine appropriate controls to mitigate risks
  • Monitor, track, and manage unknown risk mitigations and exceptions, and ensure adequate monitoring capability is incorporated into solutions
  • Research the undiscovered vulnerabilities (0-day) against different IT infrastructures, including operating systems (Windows/Linux), cloud native (Kubernetes/Docker), network devices (routers/switches/firewalls/VPNs), and endpoint management (VMware Workspace ONE/IPMI)
  • Deliver the exploit code and plugins for identified vulnerabilities


  • Bachelor's degree or higher in Computer Science, Information Technology, Programming & Systems Analysis, Engineering, Statistics, or other related fields
  • Minimum 3 years of relevant work experience
  • Hands-on experience in writing standalone PoCs of infrastructure vulnerabilities, including writing exploit codes based on known PoCs of vulnerability descriptions
  • Familiar with common vulnerability classes such as buffer overflows, command injection, insecure deserialization
  • In-depth understanding of modern security mitigations and methods to bypass them (e.g. stack cookies, SafeSEH, DEP, ASLR, CFG, etc)
  • In-depth understanding of security mechanisms of Windows/Linux systems, and familiar with offensive techniques in ring0/ring3
  • Experience in vulnerability analysis, fuzzing, reverse engineering, or advanced exploitation techniques, with proficiency in tools such as IDA Pro, OllyDBG, WinDBG, GDB, Burp Suite, etc
  • Proficient in programming languages like Python, Go, or Java
  • Strong communication skills and effective teamwork spirit
  • Self-starter and fast learning ability




cyber risk assessment
advanced exploitation techniques
vulnerability analysis
offensive techniques
command injection
security mitigations
teamwork spirit
security mechanisms
exploit code
fast learning ability
insecure deserialization
red team engagement
IT related risk
stack cookies
Job Source:

Shopee Pte. Ltd. is a Singaporean multinational technology company that specialises in e-commerce. The company was launched in Singapore in 2015, before it expanded abroad. As of 2021, Shopee is considered the largest e-commerce platform in Southeast Asia with 343 million monthly visitors.

Career Advice to Find Better