The CISO Office works with the business divisions that develop and provide Money Forward’s services to maintain and improve the security of our products. This includes controlling major clouds such as AWS and GCP, visualisation, and the design, implementation, and operation of common security functions such as WAF. The CISO Office is also responsible for strengthening the security of the company’s information systems.
We are looking for the Senior Offensive Security Specialist to work with us so that more users can use our services with peace of mind.
Responsibilities
In this position, you will leverage your expertise in penetration testing and red teaming to enhance the security posture of Money Forward. Collaborating closely with the security specialists in the CISO Office, your primary responsibilities will include:
- Conducting comprehensive penetration tests and red team exercises to identify vulnerabilities and assess the security of our systems and applications
- Automating red team and penetration testing processes to improve efficiency and coverage, utilizing tools and scripts to streamline repetitive tasks
- Designing and delivering training programs to educate and upskill internal teams on red teaming methodologies and best practices
- Supporting or leading vulnerability assessments and penetration testing initiatives.
- Gathering and analyzing vulnerability information, including Open Source Intelligence (OSINT)
Requirements
Technical skills
- Strong understanding of Computer Science, including networks, operating systems, data structures, cryptography, etc.
- Proven experience in penetration testing, red teaming, or related offensive security roles
- Basic scripting and exploit writing skills
Soft skills
- Ownership, teamwork skills, and communication skills
- Self-learning skills
Nice to haves
While not specifically required, tell us if you have any of the following.
- Qualifications such as OSCP, OSEP, GCIH, etc.
- Deep understanding of cloud native architectures including AWS, Google Cloud, Azure
- Experience in forensics, malware analysis, and incident response is a plus.
- Experience of security-related work in the financial and Fintech industries, such as FISC
- Experience of CTF
- Experience of bug hunting and obtaining CVE
- Experience in AI development and/or experience in using AI tools to improve development processes. Money Forward recently announced our AI Strategy roadmap which focuses on improving AI-driven operational efficiencies, as well as integrating AI agents into our products to deliver better value to our users.
Compensation
¥8,000,000 ~ ¥15,000,000 annually.
