Job Description

We're not hiring a security engineer to keep up with threats. We're hiring someone to make threats irrelevant before they become incidents.

We're looking for a Red Team Lead/Operator who thinks like an adversary, not an auditor. Someone who continuously emulates real-world attackers, challenges assumptions, and exposes the gaps that automated defenses miss. You'll lead offensive security operations across our infrastructure, applications, cloud, and people - turning every engagement into detections, automation, and resilience. The goal isn't to prove we can be breached. It's to make the platform smarter with every attack.

Why This Matters

Deriv's mission is Trading for Anyone, Anywhere, Anytime. Millions of traders across the globe, around the clock, across regulatory environments. At this scale, a misconfigured WAF rule or undetected lateral movement isn't a technical inconvenience - it's a trader's funds at risk and a regulator on the phone.

Our Security Operations team isn't defending a perimeter. We're protecting a living, distributed system that processes transactions 24/7. When the threat surface never sleeps, your detection and response capabilities can't either - which is exactly why we're embedding AI and automation at every layer of the security stack.

The Challenge

$600B moves through this platform every month. That kind of scale attracts real adversaries: state-sponsored crews, financially motivated groups, insiders. Not hypothetical threat models, actual ones, actively working against us.

That's the environment. Not a lab. Not a CTF. A live financial platform under real pressure, defended by a security org that runs its own incident response instead of reading about breaches in the news.

We need someone who can operate like the people already trying to get in. Full kill chain, no shortcuts, no "we found SQLi and called it a day" energy.

If your idea of a challenging week is a scoped web app pentest with a checklist, this isn't for you. If you want to run against cloud, identity, source code, and now AI agents with tool access and memory, keep reading.

Why Deriv

We already run our own incident response and purple-team our findings straight into detections, not a compliance exercise, an active discipline with real fallout when it's wrong. Our security org is starting to red-team AI agents with tool access and memory, work most companies haven't figured out how to even scope yet. You'll get hands-on production experience that would take far longer to accumulate at a single-product company.

We share what we learn. Deriv is where we write about what we're building, what breaks, and what we figure out the hard way.

What You’ll Do

  • Plan and execute full-kill-chain red team engagements: initial access, privilege escalation, lateral movement, persistence, and objective completion, mapped to MITRE ATT&CK
  • Design and run social engineering and physical/insider threat simulations, informed by real-world TTPs
  • Attack cloud environments, Kubernetes, and CI/CD pipelines, identifying misconfigurations and privilege escalation paths before real attackers do
  • Conduct source code analysis and application-layer exploitation against trading, payments, and internal platforms
  • Red-team our AI agent stack: prompt injection, tool-calling abuse, agent-to-agent trust boundaries, and credential exposure in agentic workflows
  • Build and maintain custom tooling, C2 infrastructure, and payloads that evade modern detection stacks
  • Write engagement reports and executive summaries that lead to actual remediation, not shelf-ware
  • Partner with SOC and Threat Hunting to run purple-team exercises, closing detection gaps you exploited
  • Mentor L1/L2 operators and contribute to the offensive security capability roadmap


Who You Are

  • 6+ years doing actual offensive security. Full-scope red team, not a string of scoped pentests
  • OSCP required. OSCE, OSEP, OSED, CRTO or equivalent adversary simulation cert gets you a real look
  • Real depth in at least three of: internal AD/network exploitation, cloud attack paths (AWS/GCP), web/API exploitation, custom C2 development, social engineering/physical, mobile
  • You can write your own tooling and implants in Python, Go, or Rust. Not just running Cobalt Strike out of the box
  • You've operated against modern EDR-instrumented environments and know what it actually takes to not get caught
  • You understand blast radius in a regulated fintech and know how to break things without breaking the business
  • You can write a report that gets fixed, not filed


The Honest Reality

You'll sit inside a Security & AI Engineering org that treats offensive security as a real discipline, not a line item for the compliance audit.

You'll work across Dubai and Malaysia with a team that runs actual incident response, not tabletop exercises with fake scenarios.

You'll have a direct line from finding a hole to it getting closed, and room to build the tooling and run the engagements that shape how we red-team the AI agents everyone else is still figuring out how to even think about.


Job Details

Role Level: Mid-Level Work Type: Full-Time
Country: United Arab Emirates City: Dubai
Company Website: https://www.deriv.com/careers Job Function: Information Technology (IT)
Company Industry/
Sector:
Other

What We Offer


About the Company

Searching, interviewing and hiring are all part of the professional life. The TALENTMATE Portal idea is to fill and help professionals doing one of them by bringing together the requisites under One Roof. Whether you're hunting for your Next Job Opportunity or Looking for Potential Employers, we're here to lend you a Helping Hand.

Report

Disclaimer: talentmate.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@talentmate.com.


Recent Jobs
View More Jobs
Talentmate Instagram Talentmate Facebook Talentmate YouTube Talentmate LinkedIn