L’Oréal, the #1 beauty company represents nearly 20 brands across luxury, consumer and hair categories. Established in 1990, L'Oréal Singapore has more than 550 employees and a Research & Innovation Center for advanced skin biology, clinical research and open innovation.

Unleashing the power of beauty through women in tech. At L’Oréal Groupe, we do our utmost to make our products accessible to all.

L'Oréal Singapore consistently wins awards for its commitment to environmental, social, ethical, employee and consumer needs. It is the first and only beauty company to win the 3R Award from Singapore's National Environment Agency. It also consistently ranks among the top graduate employers in Singapore and engages multi-cultural talent and global innovation ecosystems through its Brandstorm and Innovation Runway competitions.

We are looking for a skilled Offensive Security Manager to oversee our offensive security and ethical hacking operations within the APAC and MENA regions. The ideal candidate will have extensive experience with penetration testing and red teaming, and will be responsible for developing and improving these aspects of our cybersecurity posture. This role involves managing related vendors, evaluating the criticality of vulnerabilities, and conducting ad-hoc penetration testing. Job Responsibilities • Develop and implement a comprehensive offensive security strategy across the APAC and MENA regions, to ensure our systems are robustly defended against cyber threats. • Conduct ad-hoc penetration testing on our IT infrastructure to identify and document vulnerabilities and risks. • Oversee and improve the company's bug bounty program, liaising with external researchers, assessing reported vulnerabilities, and ensuring timely and effective remediation. • Lead and coordinate red teaming exercises to simulate real-world cyberattacks and assess our defensive capabilities. • Manage relationships with offensive security vendors, including leading RFP processes, managing contracts, and overseeing the work delivered. • Provide technical expertise to evaluate the criticality of vulnerabilities discovered during testing or reported through the bug bounty program. • Work closely with internal teams and stakeholders to remediate identified vulnerabilities effectively and efficiently. • Create reports and communicate findings and strategies to stakeholders and senior management. • Stay abreast of the latest offensive security techniques and technologies, ensuring our approaches remain current and effective. Job Qualifications • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field. • Minimum of 5 years of experience in offensive security roles. • Relevant certifications from Offensive Security (OSCP, OSCE) or CREST (CRT, CCT) or similar. • In-depth knowledge of penetration testing methodologies, tools, and techniques. • Familiarity with bug bounty programs and red teaming exercises. • Strong understanding of current threats, vulnerabilities, and attack trends. • Excellent communication skills and ability to translate complex security issues into business impact. • Strong project management skills, ability to manage multiple projects and tasks simultaneously. This role is integral to the security and integrity of our company's information technology systems. If you are passionate about cybersecurity and love the challenge of staying one step ahead of cyber threats, we would love to hear from you. Click "I'm interested!" to do so.