Penetration Tester

Role Overview:

We are seeking a skilled and innovative Security Researcher to lead our Liveness Testing and Presentation Attack Detection (PAD ) initiatives with a focus on offensive approach. The ideal candidate will employ an attacker’s mindset to simulate, test for liveness and presentation attacks, while also managing teams and projects related to liveness detection, data annotation, and quality assurance.

liveness detection systems

Key Responsibilities:

Offensive Security & Liveness Attack Simulation:

• Design and execute red-teaming operations to test liveness detection systems.
• Simulate presentation attacks using advanced techniques, such as bypass injections, emulator setups, jailbreaks, and rooted device configurations.
• Leverage frameworks like

  Frida

  for dynamic testing and reverse engineering of mobile applications.

Red Teaming for Liveness Attacks:

• Lead red-teaming efforts to simulate and analyze injection and presentation attacks.
• Develop strategies and solutions to mitigate vulnerabilities.

Liveness Testing & data pipeline Development:

• Execute and manage liveness and presentation attack tests across systems.
• Contribute to enhancing machine learning models for PAD (training can be provided).

Data Annotation & Quality Assurance:

• Oversee data annotation activities to ensure high-quality datasets for PAD and liveness testing.
• Manage QA processes to maintain standards in project deliverables.

Threat Intelligence & Community Monitoring:

• Engage in online communities, such as WhatsApp, Facebook, or user groups, to monitor and analyze shared attack vectors.
• Leverage insights from threat intelligence to enhance defense strategies.

Project Management:

• Plan, execute, and monitor projects, ensuring timely delivery and alignment with organizational goals.

Requirements:

• Hands-on expertise in bypass injection attacks, emulator usage, jailbreak/rooted environments, and frameworks like

  Frida

  .
• Hands on experience in Web and mobile application penetration testing.
• Proven ability to manage data annotation projects, including team coordination and QA.
• Strong understanding of iOS and Android frameworks for setting up attack environments.
• Familiarity with mobile application penetration testing and dynamic instrumentation tools.
• Familiarity with threat intelligence gathering from user groups or online platforms.
• Experience in large-scale

  BPO operations

  ,

  data annotation management

  , or

  bug bounty programs

  is highly desirable.

Preferred Qualifications:

• Ability to adapt quickly to emerging attack methodologies.
• Background in managing teams in organizations such as Superhands or large BPOs.
• Understanding of security challenges in the Indonesian market.
• Experience with ML models and their application in PAD is a plus.
• Certification in mobile application security or ethical hacking (e.g., OSCP, CEH, or equivalent).

Why Join Us?

This is an opportunity to work on the cutting edge of security research, contribute to innovative liveness solutions, and collaborate with global teams tackling real-world challenges. If you’re passionate about offensive security and thrive in a dynamic environment, we’d love to hear from you.