Senior Offensive Security Specialist
1 week ago
Join to apply for the Senior Offensive Security Specialist role at Bullish About the Company Bullish is a global digital asset platform focused on providing market infrastructure and information services. Services include the regulated Bullish Exchange for spot and derivatives trading, CoinDesk Indices for benchmark tracking, CoinDesk Data for real‑time market analytics, and CoinDesk Insights, a media platform covering the industry. Reports To: Director, Offensive Security and Vulnerability Management Role Overview The Bullish Offensive Security and Vulnerability Management (OSVM) team ensures that all Bullish Global products meet security obligations. As a Senior Offensive Security Specialist, you will be a key member of this elite team, collaborating with product and engineering to deliver secure software across a modern technology stack. You will help secure the Bullish Exchange, CoinDesk services, and CCData through manual assessments, penetration testing, code reviews, automated testing, tool development, and red‑team activities. The ideal candidate blends hacking skills with programming and a passion for the unique challenges of dynamic crypto products. Responsibilities Perform mobile and API penetration testing. Support project tasks and deadlines for engineering teams across time zones. Build custom tools to scale the security program. Exploit vulnerabilities and communicate findings to technical and non‑technical audiences. Produce detailed technical reports with risk assessment and actionable recommendations. Provide technical leadership and mentorship to security and engineering teams. Write new tools and automation scripts. Additional duties as assigned. Required Skills And Experience 5+ years of cybersecurity experience. Senior‑level penetration testing and application security assessments, design code reviews, offensive security methodologies, and ethical conduct. Familiarity with attack tools such as Burp Suite, Nessus, Kali Linux and others. Knowledge of common attacks, OWASP Top 10, SANS CWE 25. Experience with mobile application assessments (iOS/Android), web services API assessments (REST, GraphQL, message queues), and hardware/embedded systems. Ability to assess risks, severity, and communicate impact to management and engineering. Strong understanding of network and protocol basics (IP, DNS, HTTP, SSL/TLS). Understanding of basic cryptographic concepts such as PKI and encryption. Experience with software development practices, Agile fundamentals, CI/CD tools, and security scanning (Vulnerability Management, SAST, DAST, OSA, API traceability). Public cloud knowledge (AWS, Azure, GCP). Linux system administration and scripting. Certifications such as OSCP, OSCE, or OSWE; other cyber security credentials are a plus. In‑house and third‑party penetration testing experience. Bonus Strong self‑starter who can operate independently. Restlessness and drive to tackle complex problems. Excellent communication skills; able to present to senior leadership; proficient with presentations and analytical reports. Experience with external communications, papers, and conference presentations. Bullish is proud to be an equal opportunity employer. We are fast evolving and striving towards being a globally diverse community. With integrity at our core, our success is driven by a talented team of individuals and the different perspectives they bring to work every day. Referrals increase your chances of interviewing at Bullish by 2x. #J-18808-Ljbffr
-
Senior Offensive Security Specialist
2 weeks ago
hong kong, Hong Kong SAR China Bullish Full timeBe among the first 25 applicants The Bullish Offensive Security and Vulnerability Management (OSVM) team provides Bullish Global with the capabilities to ensure that our products and services are secure and meet the security obligations expected by our customers and regulators. The OSVM team helps to secure all of Bullish Global, which includes the Bullish...
-
Senior Offensive Security Specialist
7 days ago
Hong Kong Island, Hong Kong SAR China Bullish Full timeAbout Bullish Bullish is an institutionally focused global digital asset platform that provides market infrastructure and information services. These include: Bullish Exchange – a regulated and institutionally focused digital assets spot and derivatives exchange, integrating a high‑performance central‑limit order book matching engine with automated...
-
Senior Offensive Security Engineer
7 days ago
Hong Kong Island, Hong Kong SAR China Bullish Full timeA global digital asset platform in Hong Kong is seeking a Senior Offensive Security Specialist to join its security team. You will be responsible for performing penetration testing, conducting vulnerability assessments, and ensuring the security of their products. Ideal candidates will have over 5 years of cybersecurity experience, familiarity with security...
-
Senior Offensive Security Engineer
1 week ago
Hong Kong Island, Hong Kong SAR China Bullish Full timeA digital asset platform in Hong Kong is seeking a Senior Offensive Security Specialist to ensure security across its products. The role involves conducting penetration testing, building custom tools, and collaborating with engineering teams. Candidates should have over 5 years of experience in cybersecurity with strong skills in application security...
-
Hong Kong Island, Hong Kong SAR China Bullish Full timeA global digital asset platform is seeking a Senior Offensive Security Specialist to enhance its supply chain security program. The role demands over five years of cybersecurity experience, including work in application security and penetration testing. Candidates should possess coding skills and operational awareness of DevOps, alongside the ability to...
-
Senior Offensive Security Specialist
1 week ago
Hong Kong Island, Hong Kong SAR China Bullish Full timeSenior Offensive Security Specialist - Supply Chain About Bullish Bullish is an institutionally focused global digital asset platform that provides market infrastructure and information services. These include: Bullish Exchange - a regulated and institutionally focused digital assets spot and derivatives exchange, integrating a high-performance central limit...
-
Cyber Security Specialist
3 days ago
Hong Kong Island, Hong Kong SAR China Mox Bank Full timeCyber Security Specialist (Penetration Testing) 2 days ago Be among the first 25 applicants About Mox Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth,...
-
Senior Penetration Tester: Web, Mobile
3 days ago
Hong Kong Island, Hong Kong SAR China Mox Bank Full timeA leading digital bank in Hong Kong is seeking a Cyber Security Specialist focused on penetration testing to join its dynamic team. This role involves providing security expertise, conducting testing and assessments, and managing vulnerabilities while collaborating closely with development and operations teams. The ideal candidate will have 5+ years of IT...
-
Cyber Security Operation Specialist
2 weeks ago
Hong Kong Island, Hong Kong SAR China PFCC Group Full timeCyber Security Operation Specialist (Leading Digital Bank) Join a fast-growing digital bank that's transforming the future of banking in Hong Kong. Our client blends innovation, technology, and customer insight to deliver secure, user-centric financial solutions. As a Cyber Security Operations Specialist, you'll be part of a mission‑driven team where...
-
SOC Security
2 weeks ago
Hong Kong Island, Hong Kong SAR China Securitas Security Services (Hong Kong) Limited Full timeA leading global media company in Hong Kong seeks a Security Specialist to ensure the security of its operations. Responsibilities include analyzing global events, managing the electronic security system, and maintaining accurate event logs. The ideal candidate has tertiary education with experience in mass media or security services and should have a good...
