
Senior Offensive Security Consultant
S-RMSummary
S-RM is hiring a Senior Offensive Security Consultant in Kuala Lumpur. This role involves delivering offensive security services, including penetration testing and red teaming, to help clients build cyber resilience. The position requires strong business acumen and technical expertise, with approximately 40% of the time dedicated to commercial and leadership activities, and the remainder focused on delivery.
Required Skills
Details
- Experience Required
- 8+ years
- Work Authorization
- Work Auth Required
- Posted
- Jul 3, 2026
Description
Senior Offensive Security Consultant
Offensive Security consultants run the delivery of our offensive security services. They help to interpret client challenges, innovate solutions, and deliver findings.
As an OS consultant, you will work across the full spectrum of our pentesting services, whether point in time or continuous, as well as participate in larger engagements such as red teams. You will help our clients to build cyber resilience, enhance their understanding of the threat landscape and become better prepared to face dynamic and evolving security risks.
As a senior consultant, you will be responsible for supporting commercial efforts, as well as line management and maintenance of standards, tools and knowledge. We are looking for someone with a strong business acumen and technical background who can help us shape, sell and deliver impactful resilience workstreams to our clients. The commercial and leadership aspect of this role will take approximately 40% of your time, the rest being focused on delivery.
- MAIN DUTIES AND RESPONSIBILITIES
Client Engagement and Account Management
- Engage with clients to understand their cyber security challenges
- Translate client challenges into solutions that fit S-RM’s Offensive Security service offering and value proposition
- Lead on proposal writing and presentations, with an understanding of delivery timelines, project resourcing requirements and pricing
- Contribute to the expansion of client accounts and winning of new business
- Gain an understanding of S-RM’s target sectors and industries
Offensive Security
Penetration testing:
- External infrastructure
- Web application
- API pentesting
- Phishing and spear phishing
- Internal pentesting
- Mobile application pentesting (Android and iOS)
- Attack surface scanning and monitoring
- Cloud assessments and configuration reviews
- Hardware Build Reviews
- Support senior team members in the delivery of red team assessments (end to end, breaching the perimeter, assumed breach, bespoke)
- Red teaming
- Support senior team members in the delivery of red team assessments (end to end, breaching the perimeter, assumed breach, bespoke)
Delivery:
- Deliver findings in a range of formats, including written reports, presentations, and verbal briefings
Training:
- Support the development and delivery of cyber security training packages on a range of topics
- Deliver client training on phishing/awareness/general cyber topics.
- Threat Intelligence
- Keep abreast of threat intelligence developments, threat actor activity and security industry developments in mitigations and tooling
Mentoring and technical leadership
- Provide oversite, shadowing and knowledge sharing opportunities for pentesting to other team members
- Participate in monthly knowledge sharing sessions
- Gain an understanding of our cyber services outside of offensive security (incident response, cyber advisory, digital forensics) and support with offensive security skills where required
- Identify and address internal capability gaps with the support of senior team members
Requirements
We are looking for an individual who has 8 or more years’ experience in pentesting and offensive security consulting across multiple areas including:
- Web/API testing
- Internal network and Active Directory
- External infrastructure and VA
- Cloud (AWS/Azure/GCP)
- AI security testing (nice to have)
- Red Team assessments and familiarity with modern detection/evasion techniques (nice to have)
Experience:
- Experience working within security consulting, with good client-facing skills including report writing, briefings and general comms.
- Experience mentoring or line managing more junior members of a team.
All candidates must have permission to work in Malaysia by the start of their employment.
OUR BENEFITS
We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:
- 20 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 25 days in total);
- Hybrid working and flexible working hours;
- EPF (Employees Provident Fund with a contribution rate of 12% employer & 11% employee;
- Life Insurance 4X annual salary.
- Parental Support:
- Fertility treatment leave – 5 days of leave per cycle of treatment per year;
- Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
- Paternity leave – 6 weeks of full pay.
- Various Health and Medical Benefits including:
- Private dental and medical insurance (taxable benefit) for you and your family;
- EAP programme for you and your immediate family;
- Free access to the world-famous mindfulness app
We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.
To apply for this role, please submit a PDF version of your cover letter and CV to: Job Application for Senior Offensive Security Consultant at S-RM
