19 Penetration Tester jobs in Singapore
Penetration Tester
Posted today
Job Viewed
Job Description
Company:
Fortiedge Pte. Ltd.
About Us:
Fortiedge is a cybersecurity firm dedicated to protecting our clients' digital assets. We are committed to innovation, excellence, and providing top-notch services. Join our team and help us safeguard the future.
Job Description:
We are seeking a skilled and motivated Penetration Tester to join our cybersecurity team. The ideal candidate will have a strong background in ethical hacking and a passion for identifying and mitigating security vulnerabilities. As a Penetration Tester, you will be responsible for conducting comprehensive security assessments, simulating cyber-attacks, and providing actionable recommendations to enhance our clients' security posture.
Key Responsibilities
- Conduct penetration testing on web/mobile applications, networks, and systems.
- Conduct source code review.
- Identify and exploit security vulnerabilities in various environments.
- Develop and execute test plans, methodologies, and tools.
- Document findings and provide detailed reports with remediation recommendations.
- Stay up-to-date with the latest security trends, tools, and techniques.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Proven experience in penetration testing and ethical hacking.
- Proficiency with penetration testing tools (e.g., Metasploit, Burp Suite, Nmap).
- Strong understanding of network protocols, operating systems, and web technologies.
- Relevant certifications (e.g., OSCP, CEH, CISSP) are highly desirable.
- Excellent problem-solving skills and attention to detail.
- Strong communication skills, both written and verbal.
- Ability to work independently and as part of a team.
Benefits
- Competitive salary and performance-based bonuses.
- Comprehensive health, dental, and vision insurance.
- Professional development opportunities and certification reimbursements.
- Flexible working hours and remote work options.
- Collaborative and inclusive work environment.
penetration tester
Posted today
Job Viewed
Job Description
Job Overview
We seek a Penetration Testing with CAT1 clearance to lead VAPT for Singapore government and critical infrastructure sectors. You will execute full-scope attacks (networks, apps, cloud, OT), bypass advanced defenses, and deliver actionable remediation strategies. This role requires CREST/OSCP certification, deep exploit development skills, and experience with GovTech cybersecurity frameworks.
Core Responsibilities
Advanced Threat Emulation:
1. CAT1-cleared engagements:
2. Network: Breach segmented govt networks (e.g., air-gapped systems)
3. Applications: Exploit web/mobile apps (SCADA interfaces, GovTech portals)
4. Cloud: Attack AWS GovCloud/Azure Government environments
5. OT: ICS/SCADA system penetration (Siemens, Rockwell)
6. Develop custom malware/exploits (C++, Python) to evade EDR/XDR.
Red Team Operations:
1. Lead multi-vector campaigns:
2. Phishing (Evade Proofpoint/MS ATP)
3. Physical security bypass (RFID cloning, access control spoofing)
4. Wireless attacks (802.1X, WPA3-Enterprise)
5. Document TTPs aligned with MITRE ATT&CK for ICS/Enterprise.
Govt Compliance & Reporting:
1. Align tests with IM8, CSA Red Teaming Guidelines, and NIST SP 800-115.
2. Deliver executive briefings to CISOs with exploit demos.
3. Create remediation playbooks
Research & Development:
1. Reverse engineer firmware (Binwalk, Ghidra) for 0-day discovery.
2. Contribute to ASEAN CERT advisories (e.g., SingCERT).
Technical Requirements
Non-Negotiable Credentials
1. CAT1 Security Clearance
2. Active Certifications: OSCP or CREST CRT/CCT (Inf/App)
3. 2+ years in pentesting
Tool Proficiency
1. Exploitation - Metasploit Pro, Cobalt Strike, Burp Suite Pro, PowerSploit
2. Post-Exploit - BloodHound, Mimikatz, Impacket, Covenant C2
3. Forensics - Volatility, Wireshark, CHIRP (ICS)
4. Wireless - HackRF One, Proxmark3, Wi-Fi Pineapple
5. Cloud - Pacu (AWS), MicroBurst (Azure), GCP IAM Exploit Toolkit
Preferred Qualifications
1. Certifications: OSCE³, CREST CCT Gold, OSCP
2. Govt Framework Experience: IM8 Penetration Test Guidelines, CSA Cyber Essentials
3. Public Contributions: CVEs, exploit-db submissions, conference talks (Black Hat Asia, DEFCON)
Tell employers what skills you haveSecurity Clearance
Remediation
Wireshark
Exploitation
Physical Security
Wireless
Access Control
SCADA
Phishing
Gold
Penetration Testing
Python
Firmware
GCP
Burp Suite
PENETRATION TESTER
Posted today
Job Viewed
Job Description
Job Overview
We are seeking for a Penetration Tester with CAT1 Security Clearance to lead VAPT for Singapore government and critical infrastructure sectors. You will execute full-scope attacks (networks, apps, cloud, OT), bypass advanced defenses, and deliver actionable remediation strategies.
This role requires CREST/OSCP certification, deep exploit development skills, and experience with GovTech cybersecurity frameworks.
Core Responsibilities
Advanced Threat Emulation:
CAT1-cleared engagements:
Network: Breach segmented govt networks (e.g., air-gapped systems)
Applications: Exploit web/mobile apps (SCADA interfaces, GovTech portals)
Cloud: Attack AWS GovCloud/Azure Government environments
OT: ICS/SCADA system penetration (Siemens, Rockwell)
Develop custom malware/exploits (C++, Python) to evade EDR/XDR.
Red Team Operations:
Lead multi-vector campaigns:
Phishing (Evade Proofpoint/MS ATP)
Physical security bypass (RFID cloning, access control spoofing)
Wireless attacks (802.1X, WPA3-Enterprise)
Document TTPs aligned with MITRE ATT&CK for ICS/Enterprise.
Govt Compliance & Reporting:
Align tests with IM8, CSA Red Teaming Guidelines, and NIST SP 800-115.
Deliver executive briefings to CISOs with exploit demos.
Create remediation playbooks
Research & Development:
Reverse engineer firmware (Binwalk, Ghidra) for 0-day discovery.
Contribute to ASEAN CERT advisories (e.g., SingCERT).
Technical Requirements
Non-Negotiable Credentials:
CAT1 Security Clearance
Active Certifications: OSCP or CREST CRT/CCT (Inf/App)
2+ years in pentesting
Tool Proficiency
Exploitation - Metasploit Pro, Cobalt Strike, Burp Suite Pro, PowerSploit
Post-Exploit - BloodHound, Mimikatz, Impacket, Covenant C2
Forensics - Volatility, Wireshark, CHIRP (ICS)
Wireless - HackRF One, Proxmark3, Wi-Fi Pineapple
Cloud - Pacu (AWS), MicroBurst (Azure), GCP IAM Exploit Toolkit
Preferred Qualifications
Certifications: OSCE3, CREST CCT Gold, OSCP
Govt Framework Experience: IM8 Penetration Test Guidelines, CSA Cyber Essentials
Public Contributions: CVEs, exploit-db submissions, conference talks (Black Hat Asia, DEFCON)
#J-18808-Ljbffr
Penetration Tester
Posted today
Job Viewed
Job Description
- Vulnerability Assessment : Conducting thorough assessments of Web, Mobile, Thick Client systems and networks to identify potential security weaknesses.
- Penetration Testing : Simulating cyber attacks to test the effectiveness of security measures and identify exploitable vulnerabilities.
- Reporting : Documenting findings and providing detailed reports to stakeholders, including recommendations for remediation.
- Collaboration : Working with IT and security teams to implement security improvements based on test results.
- Staying Updated : Keeping abreast of the latest security trends, threats, and technologies to enhance testing methodologies.
- Compliance : Ensuring that security practices comply with industry standards and regulations.
Consultant - Penetration Tester
Posted today
Job Viewed
Job Description
Identifies and mitigates cyber risks by assessing systems, networks, and applications for vulnerabilities. They simulate real-world attacks, document findings, and provide security improvement recommendations. Staying updated on cybersecurity trends, they collaborate with other professionals to develop comprehensive security strategies.
- Conduct security assessments on systems, networks, and applications.
- Simulate cyber attacks to identify system vulnerabilities.
- Typical security testing activities include:
- Software/Web Application/Web Services penetration testing
- Network Penetration Testing
- Mobile Application Penetration Testing
- Thick Client Penetration Testing
- Develop and execute penetration testing methodologies.
- Prepare detailed reports on the findings of penetration tests.
- Recommend and implement improvements to security policies.
- Stay updated with the latest penetration testing tools and techniques.
- Train staff on security awareness and procedures.
- Collaborate with IT staff to improve system security.
Requirements:
- Bachelor's degree in information security, information systems management, computer science, engineering, or other related discipline.
- More than 2 years of experience in information technology, IT audits, or cyber security.
- Proven experience as a Penetration Tester or similar role in cybersecurity.
- Proficiency in using automated tools and manual testing techniques.
- Strong understanding of common vulnerabilities and exploits.
- Relevant certifications (e.g., CEH, OSCP, CREST) are strongly preferred.
- Excellent problem-solving and analytical skills.
- Must be able to work under pressure and produce content to tight timelines.
- Ability to self-manage, prioritizing a variety of tasks.
Security Penetration Tester
Posted today
Job Viewed
Job Description
We are seeking a highly skilled Security Pentester with proven expertise in identifying, exploiting, and documenting vulnerabilities across networks, applications, and systems. The ideal candidate will hold an OSCP certification and possess strong hands-on experience with penetration testing tools, methodologies, and reporting.
Key Responsibilities- Perform penetration testing on applications, networks, cloud, APIs, and systems to identify vulnerabilities.
- Conduct vulnerability assessments and exploit proof-of-concepts (PoCs).
- Develop and execute threat models and attack simulations.
- Collaborate with development, infrastructure, and security teams to remediate identified vulnerabilities.
- Prepare and deliver detailed reports including risk ratings, technical findings, and mitigation strategies.
- Stay updated on the latest security threats, exploits, and industry trends.
- Ensure compliance with industry standards (e.g., OWASP, NIST, ISO 27001, PCI DSS).
- Bachelor's degree in Computer Science, Information Security, or related field , or equivalent experience.
- OSCP certification (mandatory).
- 3–5 years of hands-on penetration testing experience.
- Proficiency with penetration testing tools (Burp Suite, Metasploit, Nmap, Wireshark, Nessus, etc.).
- Strong understanding of web application security , network protocols, operating systems, and cloud environments.
- Knowledge of scripting languages (Python, Bash, PowerShell, etc.) for custom exploit development.
- Excellent problem-solving and report writing skills.
- Additional certifications: OSWE, OSEP, GPEN, CEH, CREST CRT, or similar .
- Experience with Red Team engagements .
- Familiarity with DevSecOps and CI/CD security testing.
- Understanding of threat intelligence and adversary simulation frameworks (MITRE ATT&CK).
- Strong communication and presentation skills.
- Ability to work independently and in a team.
- Analytical and detail-oriented mindset.
- Passionate about ethical hacking and continuous learning.
Junior Penetration Tester
Posted today
Job Viewed
Job Description
Job Summary
We are seeking a motivated and detail-oriented
Junior Penetration Tester
to join our cybersecurity team based in Singapore. In this role, you will assist in identifying vulnerabilities in systems, networks, and applications by performing security assessments and penetration tests. The ideal candidate must be able to work both independently and collaboratively as part of a team, adapting to various project needs. You will work closely with senior security professionals, with ample opportunities for learning and growth in ethical hacking and vulnerability management.
Key Responsibilities
Conduct penetration tests on networks, applications, and systems to identify vulnerabilities and recommend remediation measures.
Work both independently and collaboratively to complete penetration testing projects, ensuring deadlines and quality standards are met.
Research and exploit vulnerabilities using various tools and techniques.
Document findings in detailed reports and present them to the internal team and stakeholders.
Collaborate with developers, system administrators, and other IT staff to implement security measures.
Stay updated on the latest cybersecurity trends, attack vectors, and security technologies.
Support the team in preparing for and responding to security incidents when necessary.
Follow established cybersecurity processes and frameworks (e.g., OWASP, NIST).
Assist in conducting security reviews and risk assessments for new and existing systems.
Requirements
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
Strong understanding of networking concepts, operating systems (Windows, Linux), and web applications.
Basic knowledge of penetration testing techniques and tools (e.g., Nmap, Metasploit, Burp Suite, Wireshark).
Familiarity with common security frameworks and methodologies (e.g., OWASP Top 10, NIST).
Ability to work both independently on assigned tasks and collaboratively in a team environment.
Strong problem-solving and analytical skills.
Excellent written and verbal communication skills.
Preferred Qualifications
Relevant certifications (e.g., CEH, CompTIA Security+, eJPT, OSCP) are a plus.
Basic scripting skills (e.g., Python, Bash) and knowledge of automation tools for security testing.
Understanding of cloud security concepts and testing.
Experience with cybersecurity regulations and compliance standards in Singapore (e.g., PDPA, MAS TRM).
#J-18808-Ljbffr
Be The First To Know
About the latest Penetration tester Jobs in Singapore !
Trainee for Penetration Tester
Posted today
Job Viewed
Job Description
We are looking for 4 trainee for the following role.
Role:
Perform penetration testing & Vulnerability Assessment based on proven methodologies.
Web application penetration testing
Mobile application penetration testing
Network penetration testing
Perform security hardening review of infrastructure, common operating systems and servers.
Perform Source Code Review.
Training and Mentorship:
As a Penetration Tester Trainee, you will receive extensive training and mentorship to equip you with the necessary knowledge and skills. Our training program includes:
Comprehensive training modules covering penetration testing methodologies, tools, and techniques.
Hands-on exercises and labs to gain practical experience in identifying and exploiting vulnerabilities.
Exposure to a variety of real-world scenarios and challenges to develop your problem-solving skills.
Access to industry-standard penetration testing tools and platforms.
Regular feedback and guidance from experienced penetration testers who will serve as mentors throughout your training period.
Opportunities to shadow and assist senior penetration testers on client engagements.
Continuous learning and professional development through workshops, conferences, and online resources.
Requirements:
Strong interest in cybersecurity and a passion for learning about penetration testing.
Basic understanding of computer networks, operating systems, and web technologies.
Familiarity with common penetration testing tools and techniques is a plus.
Excellent problem-solving and analytical skills.
Effective written and verbal communication skills.
Ability to work both independently and collaboratively within a team.
Demonstrated ability to handle confidential information with professionalism and integrity.
Job Requirements:
Candidate must possess at least Diploma/Professional Degree in Computer Science/Information Technology or equivalent.
PENETRATION TESTER - GOVT CLEARANCE
Posted 12 days ago
Job Viewed
Job Description
Job Overview
We seek a Penetration Testing with CAT1 clearance to lead VAPT for Singapore government and critical infrastructure sectors. You will execute full-scope attacks (networks, apps, cloud, OT), bypass advanced defenses, and deliver actionable remediation strategies. This role requires CREST/OSCP certification, deep exploit development skills, and experience with GovTech cybersecurity frameworks.
Core Responsibilities
Advanced Threat Emulation:
1. CAT1-cleared engagements:
2. Network: Breach segmented govt networks (e.g., air-gapped systems)
3. Applications: Exploit web/mobile apps (SCADA interfaces, GovTech portals)
4. Cloud: Attack AWS GovCloud/Azure Government environments
5. OT: ICS/SCADA system penetration (Siemens, Rockwell)
6. Develop custom malware/exploits (C++, Python) to evade EDR/XDR.
Red Team Operations:
1. Lead multi-vector campaigns:
2. Phishing (Evade Proofpoint/MS ATP)
3. Physical security bypass (RFID cloning, access control spoofing)
4. Wireless attacks (802.1X, WPA3-Enterprise)
5. Document TTPs aligned with MITRE ATT&CK for ICS/Enterprise.
Govt Compliance & Reporting:
1. Align tests with IM8, CSA Red Teaming Guidelines, and NIST SP 800-115.
2. Deliver executive briefings to CISOs with exploit demos.
3. Create remediation playbooks
Research & Development:
1. Reverse engineer firmware (Binwalk, Ghidra) for 0-day discovery.
2. Contribute to ASEAN CERT advisories (e.g., SingCERT).
Technical Requirements
Non-Negotiable Credentials
1. CAT1 Security Clearance
2. Active Certifications: OSCP or CREST CRT/CCT (Inf/App)
3. 2+ years in pentesting
Tool Proficiency
1. Exploitation - Metasploit Pro, Cobalt Strike, Burp Suite Pro, PowerSploit
2. Post-Exploit - BloodHound, Mimikatz, Impacket, Covenant C2
3. Forensics - Volatility, Wireshark, CHIRP (ICS)
4. Wireless - HackRF One, Proxmark3, Wi-Fi Pineapple
5. Cloud - Pacu (AWS), MicroBurst (Azure), GCP IAM Exploit Toolkit
Preferred Qualifications
1. Certifications: OSCE³, CREST CCT Gold, OSCP
2. Govt Framework Experience: IM8 Penetration Test Guidelines, CSA Cyber Essentials
3. Public Contributions: CVEs, exploit-db submissions, conference talks (Black Hat Asia, DEFCON)
Information Security Specialist - Penetration Tester

Posted 3 days ago
Job Viewed
Job Description
Singapore, Singapore
**Hours:**
40
**Line of Business:**
Technology Solutions
**Pay Details:**
We're committed to providing fair and equitable compensation to all our colleagues. As a candidate, we encourage you to have an open dialogue with a member of our HR Team and ask compensation related questions, including pay details for this role.
**Job Description:**
**Responsibilities:**
+ **Conduct Penetration Tests:** Perform thorough and methodical penetration testing on web applications, mobile, AI, network infrastructures, and other systems to identify security vulnerabilities.
+ **Vulnerability Assessment:** Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture.
+ **Report Findings:** Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation.
+ **Develop and Execute Test Plans:** Design and execute detailed test plans
+ **Stay Current:** Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective.
+ **Collaborate with Teams:** Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements.
+ **Perform Risk Assessments:** Evaluate and assess potential security risks related to new and existing systems and technologies.
+ **Compliance:** Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies.
**Requirements:**
+ At least 10 years of relevant experience
+ **Technical Skills:**
+ Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali.
+ Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles.
+ **Analytical Skills:** Strong analytical and problem-solving abilities with attention to detail.
+ **Communication:** Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders.
+ **Ethical Standards:** Demonstrated understanding of ethical hacking principles and a commitment to maintaining high ethical standards.
**Preferred Qualifications:**
+ Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing.
+ Familiarity with security standards and frameworks
+ **Certifications:** Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable.
**Who We Are**
TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.
TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you.
**Our Total Rewards Package**
Our Total Rewards package reflects the investment we make in our colleagues to help them, and their families achieve their well-being goals. Total Rewards at TD includes a base salary and several other key plans such as health and well-being benefits, including medical coverage, paid time off, career development, and reward and recognition programs.
**Additional Information:**
We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home.
**Colleague Development**
If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals.
**Training & Onboarding**
We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role.
**Interview Process**
We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call.
**Accommodation**
If you require an accommodation for the recruitment / interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.
Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.