Ensign InfoSecurity

Senior Red Team Consultant (Offensive Security & AI Security)

Ensign InfoSecurity  •  Singapore, SG (Onsite)  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Ensign is hiring !

Key Responsibilities

  • Serve as the primary technical point of contact for client engagements from scoping and kickoff through execution, reporting, and debrief.
  • Lead engagement scoping conversations, set rules of engagement, and manage client expectations on timelines, access, and deliverables.
  • Present findings, business-risk impact, and remediation guidance directly to client stakeholders, including technical teams and senior/executive audiences.
  • Manage the client relationship throughout the engagement, handling sensitive findings with discretion and professionalism.
  • Plan and execute full-scope red team engagements simulating advanced persistent threats (APTs): reconnaissance, initial access, privilege escalation, lateral movement, persistence, and exfiltration.
  • Conduct adversary emulation aligned to recognised frameworks (e.g., MITRE ATT&CK).
  • Perform penetration testing across network, web/mobile application, cloud (AWS/Azure/GCP), wireless, and Active Directory environments.
  • Deliver engagements and provide structured feedback to improve its capability and workflow.
  • Carry out social engineering assessments (phishing, vishing, physical access) where in scope.
  • Develop, customise, and maintain offensive tooling, scripts, and payloads.
  • Identify, chain, and safely exploit vulnerabilities to demonstrate realistic business impact.
  • Adversarially test AI and ML systems for weaknesses including prompt injection, jailbreaks, data poisoning, model evasion, model extraction, and sensitive-data leakage.
  • Assess the security of LLM-integrated applications, agentic systems, and AI pipelines, including supply-chain and integration risks.
  • Apply emerging AI security frameworks (e.g., OWASP Top 10 for LLM Applications, MITRE ATLAS, NIST AI RMF) to structure engagements.
  • Contribute to developing methodology, tooling, and service offerings.
  • Stay current with the evolving threat landscape, new attack techniques, and AI security research.

Required Qualifications

  • At least 4 years years of hands-on offensive security experience (penetration testing, red teaming, or equivalent),
  • Proven ability to lead engagements and present technical findings credibly to both technical and executive audiences.
  • Strong, demonstrable understanding of common attack vectors, exploitation techniques, and the full attack lifecycle.
  • Proficiency in at least one scripting/programming language (e.g., Python, PowerShell, Go, C#).
  • Solid grasp of networking, OS internals (Windows/Linux), Active Directory, and cloud security fundamentals.
  • Familiarity with common offensive tooling (e.g., Cobalt Strike, Metasploit, BloodHound, Burp Suite, C2 frameworks) and adaptability to proprietary platforms.
  • Genuine interest in AI/ML security and a clear appetite to build AI red teaming expertise.
  • Excellent written and verbal communication; strong stakeholder-management instincts.
  • High ethical standards, sound judgement, and the ability to handle sensitive findings responsibly.

Preferred / Advantageous

  • Prior exposure to AI/ML systems, LLMs, or adversarial machine learning.
  • Experience working with or building internal/proprietary security tooling.
  • Vulnerability research, exploit development, or CTF experience.
  • Cloud or container security depth (Kubernetes, serverless).
  • Consulting-firm or MSSP delivery experience.
Ensign InfoSecurity

About Ensign InfoSecurity

Ensign InfoSecurity is the largest pure-play end-to-end cybersecurity service provider in Asia. Headquartered in Singapore, Ensign offers bespoke solutions and services to address their clients’ cybersecurity needs. Their core competencies are in the provision of cybersecurity advisory and assurance services, architecture design and systems integration services, and managed security services for advanced threat detection, threat hunting, and incident response. Underpinning these competencies is in-house research and development in cybersecurity. Ensign has two decades of proven track record as a trusted and relevant service provider, serving clients from the public and private sectors in the Asia Pacific region.

Industry
IT & Software
Company Size
501-1,000 employees
Headquarters
Singapore, SG
Year Founded
2018
Social Media