8 Red Team jobs in Hong Kong

1 week ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from BSD Education

Join BSD Education: Part-Time Red Community Manager for China Market Growth!

Are you passionate about social media, digital marketing, and educational innovation? BSD Education is seeking a creative, driven, and bilingual (Mandarin/English) Part-Time Red Community Manager to help us manage and grow our presence on Red (Xiaohongshu). You’ll play a vital role in expanding BSD’s impact and business in the dynamic China region!

What You’ll Do:

• Manage and develop engaging content for our Red social media platform
• Implement effective growth and engagement strategies targeting educators, students, and parents
• Collaborate with our international team to align brand messaging and promotions
• Monitor trends and analytics to optimize performance and boost reach

Requirements:

• Solid experience managing social media accounts, especially Red/Xiaohongshu
• Deep understanding of the China social media landscape and digital culture
• Fluency in Mandarin Chinese and English
• Creative thinker with strong writing and visual content skills
• Self-motivated and detail-oriented, able to work independently

Why BSD Education?

Join a fast-growing, mission-driven company that empowers learning through technology. Enjoy flexible hours, a collaborative international team, and opportunities for growth.

Ready to make an impact?

Apply now with your CV and examples of your work! Let’s build the future of education together.

• Seniority level Entry level

• Employment type Part-time

• Job function Marketing and Sales
• Industries E-Learning Providers

Referrals increase your chances of interviewing at BSD Education by 2x

Get notified about new Community Manager jobs in Hong Kong SAR .

Sha Tin District, Hong Kong SAR 2 weeks ago

New Territories, Hong Kong SAR 1 week ago

Islands District, Hong Kong SAR 10 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

About us

At wizlynx group, we're on a mission to fortify the digital defense of our clients by staying one step ahead of cyber threats. As a Red Team Specialist, you'll play a pivotal role in our cybersecurity team, focusing on emulating threat actors to assess and enhance the security of enterprise networks. Your mission: to penetrate, identify vulnerabilities, and simulate cyberattacks to strengthen our clients' defenses.

Key Responsibilities

• Emulate threat actor tactics, techniques, and procedures to assess the security posture of client networks.
• Execute red teaming exercises, striving to achieve defined objectives, such as gaining domain admin privileges, accessing sensitive information, or simulating ransomware attacks.
• Stay updated on current threat actor groups, their tactics, and tools to replicate them effectively during client engagements.
• Demonstrate exceptional technical expertise and adaptability in assimilating new knowledge.
• Utilize your deep understanding of complex information systems and industry trends to identify vulnerabilities and communicate findings to the engagement team and client management through written reports and verbal presentations.
• Contribute to people-related initiatives, including coaching, recruiting, training, and staff retention.
• Foster a culture of continuous learning by maintaining an educational program to develop your personal skills and those of your team.
• Adhere to workplace policies and procedures, setting a positive example for your colleagues.

Qualifications and Attributes

• A bachelor or master's degree in Information Systems, Computer Science, Engineering, or related fields.
• 3+ years of recent experience in offensive security, including internal and external penetration testing, Red Teaming, and social engineering.
• Possession of certifications such as OSEP, GXPN, CRTO, etc.
• Proven ability to work independently or within large, complex projects delivering offensive cyber security services.
• Proficiency in developing, extending, or modifying exploits and offensive security tools, as well as operational experience in exploitation, lateral movement, and persistence on Windows and Linux systems.
• Experience bypassing preventative and detective endpoint and network security controls, using C2 frameworks like Cobalt Strike and Metasploit, and leveraging common offensive security tools (e.g., nmap, CrackMapExec, Impacket, Responder, etc.).
• Strong OSINT collection and organization skills, both manual and automated.
• In-depth knowledge of modern offensive security tools and frameworks, including Bloodhound, nmap, and Impacket.
• Familiarity with the Cyber Kill Chain and the MITRE ATT&CK Framework.
• Coding skills, in any of the following languages: C#, Python, C++, Go, PowerShell, ASP.NET.
• Excellent knowledge of local Red & Purple Teaming frameworks and guidelines such as iCAST, TIBER-EU, ABS’ Red Team Guidelines, etc.
• Advanced understanding of Windows and Unix operating systems internals.
• Exceptional interpersonal, written, verbal, communication, and presentation skills.
• Proven experience in conducting penetration tests and red team assessments.
• Strong analytical skills and proficiency in data analytics methods.
• Demonstrated leadership abilities.

Language Skills:

Excellent communication skills in English and Cantonese (written and spoken).

What we are offering you

You will get the opportunity to work with the best cyber security experts in a multi-cultural environment.

At wizlynx group, you will also have the chance to go to conferences, participate in ethical hacking competitions, attend advanced trainings, and pass highly recognized certifications.

We are offering you to work in a thrilling, challenging but fun environment where what you do is important and meaningful. At wizlynx, there is no limit but the sky. If you wish to learn and get involved in other areas of cyber security or the business, we will ensure that you get all the help you need to succeed.

You will also get dedicated time for security research on topics that interest you the most.

Your Full Name

Your Email

Upload Resume

About us

At wizlynx group, we're on a mission to fortify the digital defense of our clients by staying one step ahead of cyber threats. As a Red Team Specialist, you'll play a pivotal role in our cybersecurity team, focusing on emulating threat actors to assess and enhance the security of enterprise networks. Your mission: to penetrate, identify vulnerabilities, and simulate cyberattacks to strengthen our clients' defenses.

Key Responsibilities

• Emulate threat actor tactics, techniques, and procedures to assess the security posture of client networks.
• Execute red teaming exercises, striving to achieve defined objectives, such as gaining domain admin privileges, accessing sensitive information, or simulating ransomware attacks.
• Stay updated on current threat actor groups, their tactics, and tools to replicate them effectively during client engagements.
• Demonstrate exceptional technical expertise and adaptability in assimilating new knowledge.
• Utilize your deep understanding of complex information systems and industry trends to identify vulnerabilities and communicate findings to the engagement team and client management through written reports and verbal presentations.
• Contribute to people-related initiatives, including coaching, recruiting, training, and staff retention.
• Foster a culture of continuous learning by maintaining an educational program to develop your personal skills and those of your team.
• Adhere to workplace policies and procedures, setting a positive example for your colleagues.

Qualifications and Attributes

• A bachelor or master's degree in Information Systems, Computer Science, Engineering, or related fields.
• 3+ years of recent experience in offensive security, including internal and external penetration testing, Red Teaming, and social engineering.
• Possession of certifications such as OSEP, GXPN, CRTO, etc.
• Proven ability to work independently or within large, complex projects delivering offensive cyber security services.
• Proficiency in developing, extending, or modifying exploits and offensive security tools, as well as operational experience in exploitation, lateral movement, and persistence on Windows and Linux systems.
• Experience bypassing preventative and detective endpoint and network security controls, using C2 frameworks like Cobalt Strike and Metasploit, and leveraging common offensive security tools (e.g., nmap, CrackMapExec, Impacket, Responder, etc.).
• Strong OSINT collection and organization skills, both manual and automated.
• In-depth knowledge of modern offensive security tools and frameworks, including Bloodhound, nmap, and Impacket.
• Familiarity with the Cyber Kill Chain and the MITRE ATT&CK Framework.
• Coding skills, in any of the following languages: C#, Python, C++, Go, PowerShell, ASP.NET.
• Excellent knowledge of local Red & Purple Teaming frameworks and guidelines such as iCAST, TIBER-EU, ABS’ Red Team Guidelines, etc.
• Advanced understanding of Windows and Unix operating systems internals.
• Exceptional interpersonal, written, verbal, communication, and presentation skills.
• Proven experience in conducting penetration tests and red team assessments.
• Strong analytical skills and proficiency in data analytics methods.
• Demonstrated leadership abilities.

Language Skills:

Excellent communication skills in English and Cantonese (written and spoken).

What we are offering you

You will get the opportunity to work with the best cyber security experts in a multi-cultural environment.

At wizlynx group, you will also have the chance to go to conferences, participate in ethical hacking competitions, attend advanced trainings, and pass highly recognized certifications.

We are offering you to work in a thrilling, challenging but fun environment where what you do is important and meaningful. At wizlynx, there is no limit but the sky. If you wish to learn and get involved in other areas of cyber security or the business, we will ensure that you get all the help you need to succeed.

You will also get dedicated time for security research on topics that interest you the most.

Your Full Name

Your Email

Upload Resume

Join to apply for the Consultant/Senior Consultant, Cyber Security (Penetration Testing/ Red Teaming), Technology Consulting (MJ005350) role at KPMG China

Join to apply for the Consultant/Senior Consultant, Cyber Security (Penetration Testing/ Red Teaming), Technology Consulting (MJ005350) role at KPMG China

KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients’ needs and their industries. Not only do we have an overriding commitment to provide the highest quality services for our clients, but we also strive to become a responsible corporate citizen that has a positive impact on our environment and community. At KPMG, you’ll translate insights into action and reveal opportunities for all—our teams, our clients and our world.

Service Line Overview

At KPMG's Consulting practice, we do not limit ourselves to either strategy or implementation. We deliver both. Our Hong Kong division is the fastest growing within KPMG China and represents a young and enthusiastic team that always pushes for success. Since our inception, we have acquired in-depth knowledge of an incredibly broad range of sectors and services.

KPMG is the firm that views cyber security as a business enabler, and not just an IT issue. From the boardroom to back office, we help clients through Strategy and Governance, Transformation, Cyber Defense and Cyber Response. So that they are prepared for uncertainty and use cyber security to advance the business, not stand in the way.

Our wide range of projects includes Cyber Strategy, Cyber Digital Transformation, Governance & Risk, as well as a strong presence in Penetration Testing or Ethical Hacking. We are keen to speaking with cyber security specialists with various expertise and experiences to join our growth story.

We are now seeking Consultant/ Senior Consultant candidates for Cyber Defense Team.

Key Responsibilities

• Perform vulnerability assessment and penetration tests on different platforms and technologies
• Simulate real-time cyber-attacks using red team / blue team / purple team exercises
• Conduct social engineering and email phishing attacks to simulate the theft of passwords, infiltrate systems, and download malware / ransomware
• Conduct source code review to identify software program vulnerabilities and detect malware or malicious embedded code
• Conduct cloud / server / network / middleware security configuration assessments
• Conduct architecture review for cloud / on-premise IT environments
• Prepare reports on identified security vulnerabilities and possible recommendations to remediate the vulnerabilities
• Assist in continuously enhancing the existing security assessment methodologies
• Support in developing marketing and training materials to help develop staff awareness within the company and communicate KPMG's capabilities to clients
• Remain up-to-date on the latest cybersecurity threats, vulnerabilities and regulatory requirements
• Develop constructive client relationships, both inside and outside of KPMG
  
  
  

• Bachelor’s degree in computer science, InformationTechnology, or related field.
• At least one professionally qualification required: CREST, GXPN, GPEN, GCTI, GWAPT, OSCE3, OSEP, OSWE, OSEP, OSCP, CRTE, eCPTX, CISSP, or other relevant qualifications.
• 2 years of relevant working experience preferred: Red/Blue/Purple Teaming, Web/Mobile/Network/OT/IoT/other Penetration Tests, Vulnerability Assessment, Source Code Review, Appliance/System/Cloud Configuration Review, Malware development, Social Engineering.
• Candidate with less experience will be considered as Consultant.
• Knowledge in threat intelligence, reverse engineering, security products, incident response, SOC operation or other related areas will be an advantage.
• Experience with at least one scripting language (e.g. Bash, PowerShell) or programming language (e.g. Python, C, Java) preferred.
• Able to understand basic networking concepts (e.g. routing, ALC, load balancers, SSL/TLS, TCP) is preferred.
• Understand the industry recognised testing standards and have knowledge of common red teaming tools·
• Knowledge base in enterprise technologies and operations, enterprise networking, internet application security, database security evaluation and architecture, with self-motivated learning ability.
• Be able to conduct research and development and solve technical problems independently.
• Be able to work as part of a team, and at the same time being an independent self-starter·
• Have strong analytical, problem solving and inter-personal skills·
• Commands excellent written and oral communication skills with the ability to present ideas and results to technical and non-technical audiences·
• Possess a recognised Degree in Computer Science, Cyber Security, Computer/Information Engineering, Information Technology or a related discipline (STEM) is preferred·
• Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
  
  
  

• Well-structured career development and learning path, 1-to-1 coaching by our cybersecurity professionals
• Access to various cyber security learning resources
• Wide exposure to working with leading financial institutions and corporations
• Continuous sponsorship and support on professional certificate development (i.e. Offensive Security, GIAC, CREST, etc.)
• Opportunities for secondment / exchange within KPMG Global network based on staff performance and preference
• Opportunities to attend KPMG overseas Global Cyber Events – such as HackNet / BlackHat
• One annual professional membership sponsorship on the approved list
• Work in a passionate team with blended cybersecurity talents
  
  
  

• Seniority level Entry level

• Employment type Full-time

• Job function Engineering and Information Technology
• Industries Professional Services

Referrals increase your chances of interviewing at KPMG China by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Consultant/Senior Consultant, Cyber Security (Penetration Testing/ Red Teaming), Technology Consulting (MJ005350) role at KPMG China

Join to apply for the Consultant/Senior Consultant, Cyber Security (Penetration Testing/ Red Teaming), Technology Consulting (MJ005350) role at KPMG China

KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients’ needs and their industries. Not only do we have an overriding commitment to provide the highest quality services for our clients, but we also strive to become a responsible corporate citizen that has a positive impact on our environment and community. At KPMG, you’ll translate insights into action and reveal opportunities for all—our teams, our clients and our world.
Service Line Overview
At KPMG's Consulting practice, we do not limit ourselves to either strategy or implementation. We deliver both. Our Hong Kong division is the fastest growing within KPMG China and represents a young and enthusiastic team that always pushes for success. Since our inception, we have acquired in-depth knowledge of an incredibly broad range of sectors and services.
KPMG is the firm that views cyber security as a business enabler, and not just an IT issue. From the boardroom to back office, we help clients through Strategy and Governance, Transformation, Cyber Defense and Cyber Response. So that they are prepared for uncertainty and use cyber security to advance the business, not stand in the way.
Our wide range of projects includes Cyber Strategy, Cyber Digital Transformation, Governance & Risk, as well as a strong presence in Penetration Testing or Ethical Hacking. We are keen to speaking with cyber security specialists with various expertise and experiences to join our growth story.
We are now seeking Consultant/ Senior Consultant candidates for Cyber Defense Team.
Key Responsibilities

• Perform vulnerability assessment and penetration tests on different platforms and technologies
• Simulate real-time cyber-attacks using red team / blue team / purple team exercises
• Conduct social engineering and email phishing attacks to simulate the theft of passwords, infiltrate systems, and download malware / ransomware
• Conduct source code review to identify software program vulnerabilities and detect malware or malicious embedded code
• Conduct cloud / server / network / middleware security configuration assessments
• Conduct architecture review for cloud / on-premise IT environments
• Prepare reports on identified security vulnerabilities and possible recommendations to remediate the vulnerabilities
• Assist in continuously enhancing the existing security assessment methodologies
• Support in developing marketing and training materials to help develop staff awareness within the company and communicate KPMG's capabilities to clients
• Remain up-to-date on the latest cybersecurity threats, vulnerabilities and regulatory requirements
• Develop constructive client relationships, both inside and outside of KPMG
  

• Bachelor’s degree in computer science, InformationTechnology, or related field.
• At least one professionally qualification required: CREST, GXPN, GPEN, GCTI, GWAPT, OSCE3, OSEP, OSWE, OSEP, OSCP, CRTE, eCPTX, CISSP, or other relevant qualifications.
• 2 years of relevant working experience preferred: Red/Blue/Purple Teaming, Web/Mobile/Network/OT/IoT/other Penetration Tests, Vulnerability Assessment, Source Code Review, Appliance/System/Cloud Configuration Review, Malware development, Social Engineering.
• Candidate with less experience will be considered as Consultant.
• Knowledge in threat intelligence, reverse engineering, security products, incident response, SOC operation or other related areas will be an advantage.
• Experience with at least one scripting language (e.g. Bash, PowerShell) or programming language (e.g. Python, C, Java) preferred.
• Able to understand basic networking concepts (e.g. routing, ALC, load balancers, SSL/TLS, TCP) is preferred.
• Understand the industry recognised testing standards and have knowledge of common red teaming tools·
• Knowledge base in enterprise technologies and operations, enterprise networking, internet application security, database security evaluation and architecture, with self-motivated learning ability.
• Be able to conduct research and development and solve technical problems independently.
• Be able to work as part of a team, and at the same time being an independent self-starter·
• Have strong analytical, problem solving and inter-personal skills·
• Commands excellent written and oral communication skills with the ability to present ideas and results to technical and non-technical audiences·
• Possess a recognised Degree in Computer Science, Cyber Security, Computer/Information Engineering, Information Technology or a related discipline (STEM) is preferred·
• Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
  

• Well-structured career development and learning path, 1-to-1 coaching by our cybersecurity professionals
• Access to various cyber security learning resources
• Wide exposure to working with leading financial institutions and corporations
• Continuous sponsorship and support on professional certificate development (i.e. Offensive Security, GIAC, CREST, etc.)
• Opportunities for secondment / exchange within KPMG Global network based on staff performance and preference
• Opportunities to attend KPMG overseas Global Cyber Events – such as HackNet / BlackHat
• One annual professional membership sponsorship on the approved list
• Work in a passionate team with blended cybersecurity talents
  

• Seniority level Entry level

• Employment type Full-time

• Job function Engineering and Information Technology
• Industries Professional Services

Referrals increase your chances of interviewing at KPMG China by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Cyber Security Specialist (Penetration Testing) role at Mox Bank

1 day ago Be among the first 25 applicants

Join to apply for the Cyber Security Specialist (Penetration Testing) role at Mox Bank

Get AI-powered advice on this job and more exclusive features.

About Mox

Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.

Application Deadline: 6 October 2025

Department: Technology-CDSIO

Location: Hong Kong (SAR)

• Provide security expertise to ensure the ongoing confidentiality, integrity, and availability of systems and information effectively and efficiently.
• Scope and perform hands-on penetration testing and security assessments of web applications, APIs, infrastructure, cloud environments and mobile (iOS/Android) apps to assess and validate their security posture
• Write high quality reports on identified vulnerabilities, including recommendations to remediate, and deliver report to stakeholders
• Manage security assessments conducted by vendors and consultants
• Manage the penetration testing pipeline to ensure on-time completion and delivery
• Work closely with key development and operations stakeholders to ensure timely remediation
• Conduct security code reviews and make recommendations to developers
• ·Drive security awareness of secure coding practices and techniques
• Work collaboratively with key development and operations stakeholders to support the secure CI/CD pipeline
• Conduct offensive research to evaluate emerging cyber security threats and trends
• Work closely with the security operations team to proactively identify potential weaknesses, threats or vulnerabilities and address them
• Maintain up-to-date knowledge of the latest attacks, vulnerabilities, mitigation strategies, industry best practices and regulations
• Provide subject matter expertise, security consulting, and advisory services to business entities and project teams
• Build strong working relationships across the business and technology teams
  
  

• 5+ Years’ experience in IT security related positions with a key focus on penetration testing and application security
• You should be able to demonstrate:
• Passion for offensive security and assurance
• Risk mindset and knowledge of risk management guidelines and frameworks
• Good understanding of penetration testing methodologies / techniques and software security principles
• Ability to communicate and articulate technical findings with stakeholders at all levels of the business
• Hands-on threat, vulnerability, and remediation management experience
• Experience working in a cloud and container-based environment is highly desired
• Critical thinker with strong problem-solving and analytical skills
• Strong time management and ability to manage multiple projects under strict timelines.
• Development and automation experience in one or more programming languages are highly desired
• Strong collaborative nature and ability to contribute to a team environment
• Previous experience working within the finance/banking or advisory services industry beneficial
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Engineering and Information Technology
• Industries Banking

Referrals increase your chances of interviewing at Mox Bank by 2x

Sha Tin District, Hong Kong SAR 6 days ago

Sha Tin District, Hong Kong SAR 1 week ago

Sha Tin District, Hong Kong SAR 1 week ago

Central & Western District, Hong Kong SAR 3 days ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Kwun Tong District, Hong Kong SAR 4 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Cyber Security Specialist (Penetration Testing) role at Mox Bank

1 day ago Be among the first 25 applicants

Join to apply for the Cyber Security Specialist (Penetration Testing) role at Mox Bank

Get AI-powered advice on this job and more exclusive features.

About Mox
Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.

Application Deadline: 6 October 2025

Department: Technology-CDSIO

Location: Hong Kong (SAR)

• Provide security expertise to ensure the ongoing confidentiality, integrity, and availability of systems and information effectively and efficiently.
• Scope and perform hands-on penetration testing and security assessments of web applications, APIs, infrastructure, cloud environments and mobile (iOS/Android) apps to assess and validate their security posture
• Write high quality reports on identified vulnerabilities, including recommendations to remediate, and deliver report to stakeholders
• Manage security assessments conducted by vendors and consultants
• Manage the penetration testing pipeline to ensure on-time completion and delivery
• Work closely with key development and operations stakeholders to ensure timely remediation
• Conduct security code reviews and make recommendations to developers
• ·Drive security awareness of secure coding practices and techniques
• Work collaboratively with key development and operations stakeholders to support the secure CI/CD pipeline
• Conduct offensive research to evaluate emerging cyber security threats and trends
• Work closely with the security operations team to proactively identify potential weaknesses, threats or vulnerabilities and address them
• Maintain up-to-date knowledge of the latest attacks, vulnerabilities, mitigation strategies, industry best practices and regulations
• Provide subject matter expertise, security consulting, and advisory services to business entities and project teams
• Build strong working relationships across the business and technology teams
  

• 5+ Years’ experience in IT security related positions with a key focus on penetration testing and application security
• You should be able to demonstrate:
• Passion for offensive security and assurance
• Risk mindset and knowledge of risk management guidelines and frameworks
• Good understanding of penetration testing methodologies / techniques and software security principles
• Ability to communicate and articulate technical findings with stakeholders at all levels of the business
• Hands-on threat, vulnerability, and remediation management experience
• Experience working in a cloud and container-based environment is highly desired
• Critical thinker with strong problem-solving and analytical skills
• Strong time management and ability to manage multiple projects under strict timelines.
• Development and automation experience in one or more programming languages are highly desired
• Strong collaborative nature and ability to contribute to a team environment
• Previous experience working within the finance/banking or advisory services industry beneficial
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Engineering and Information Technology
• Industries Banking

Referrals increase your chances of interviewing at Mox Bank by 2x

Sha Tin District, Hong Kong SAR 6 days ago

Sha Tin District, Hong Kong SAR 1 week ago

Sha Tin District, Hong Kong SAR 1 week ago

Central & Western District, Hong Kong SAR 3 days ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Kwun Tong District, Hong Kong SAR 4 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.