4 Penetration Testing jobs in Singapore
Penetration Testing Specialist
Posted today
Job Viewed
Job Description
About the Role
As a Penetration Testing Specialist, reporting to the Internal Audit function, you will play a critical role in evaluating the organization's cybersecurity posture by simulating real-world attacks and identifying vulnerabilities across systems, applications, and networks. Your work directly supports audit objectives by validating the effectiveness of security controls, ensuring regulatory compliance, and mitigating operational risks.
Key Responsibility
- Conduct comprehensive penetration tests on applications, databases, systems and networks to identify security vulnerabilities, and prepare a detail report on the findings.
- Propose measures to ensure that identified vulnerabilities are addressed.
- Work closely with IT, risk, and compliance teams to track remediation efforts and verify closure.
- Simulate cyber attacks to evaluate defensive measures and improve security posture.
Requirements
- Minimum 5 years of hands-on penetration testing experience for web applications, mobile applications, APIs, network, databases and load testing.
- Experience conducting secure code review.
- Degree in computer science/computer engineering/information security or equivalent.
- Working knowledge of all aspects of information security is essential.
- Familiarity with systems and operational architecture of large internet companies or online business models.
- Good communication (spoken and written) skills, able to work independently and as a team.
- Certifications from either GIAC/Offensive Security/CREST required.
- Hands on experience in Kali Linux, Burp, and other advanced penetration testing, and secure code review tools.
- Good to have: Basic Mandarin skills for simple verbal and written communication with Chinese partners.
渗透测试专家
关于职位
作为一名向内部审计部门汇报的渗透测试专家,您将在评估组织的网络安全态势方面发挥关键作用,通过模拟真实攻击并识别系统、应用程序和网络中的漏洞。您的工作将通过验证安全控制措施的有效性、确保合规性并降低运营风险,直接支持审计目标。
主要职责
- 对应用程序、数据库、系统和网络进行全面的渗透测试,以识别安全漏洞,并撰写详细的调查报告。
- 提出措施,确保已识别的漏洞得到解决。
- 与IT、风险和合规团队紧密合作,跟踪修复工作并验证漏洞已关闭。
- 模拟网络攻击,评估防御措施并提升安全态势。
职位要求
- 至少5年Web应用程序、移动应用程序、API、网络、数据库和负载测试的渗透测试经。
- 具备安全代码审查经验。
- 计算机科学/计算机工程/信息安全或同等学历。
- 具备信息安全各方面的工作知识。
- 熟悉大型互联网公司或在线商业模式的系统和运营架构。
- 良好的沟通能力,能够独立工作和团队合作。
- 需持有GIAC/Offensive Security/CREST认证。
- 具有 Kali Linux、Burp 和其他高级渗透测试及安全代码审查工具的实践经验。
- 加分项:具备基础中文能力,能够进行简单的口头和书面沟通。
Penetration Testing Specialist
Posted today
Job Viewed
Job Description
As a Cybersecurity Professional, you will be part of an international connected team of specialists helping clients with their most complex cybersecurity needs and contributing toward their business resilience.
">Our role offers a unique chance to build a career as unique as you are, with global scale support inclusive culture and technology to become the best version of you. We value your unique voice and perspective to help us become even better too.
">- Perform web application penetration testing
- Perform mobile application penetration testing
- Perform IT and OT network penetration testing
- Perform IOT penetration testing,
- Perform source code reviews
- Perform red team assessments
- Conduct social engineering exercises
Key skills for this position include:
">- Communication – Demonstrate that you listen understand before responding
- Knowledgeable – Demonstrate deep technical capabilities and understanding of the client's problems.
- Curiosity – Be proactive learn fast seek to identify issues that others might miss.
- Integrity – Conduct yourself as per our values, and do not be afraid to admit mistakes.
- Impact – Consistently deliver exceptional quality work that positively impacts the projects that you are on.
- Teamwork – You seek to ensure that the team succeeds, rather than only yourself.
This is an exciting opportunity to take your passion for cybersecurity to the next level and make a real difference in the lives of our clients.
">We offer flexible working arrangements and a diverse inclusive culture where you'll be empowered to use your voice to help others find theirs.
"),Manager (Penetration Test & Vulnerability Assessment)
Posted today
Job Viewed
Job Description
MINDEF
Permanent
Closing on 21 Sep 2025
What the role is
You will play a pivotal role in safeguarding Singapore's defence and security interests by conducting comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications.
What you will be working on
- Conduct comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications
- Develop tailored security assessment tools and scripts to enhance testing capabilities and address evolving threat vectors
- Document findings, conduct analysis, and prepare detailed technical reports, including executive summaries for various stakeholders
- Collaborate with security engineers, developers, and other stakeholders to provide actionable guidance on remediating identified security risks and vulnerabilities
- Provide expertise in the design and implementation of security controls across applications, infrastructure, and network systems
- Develop and deliver specialised training and awareness programs to elevate the cybersecurity capabilities of the SAF personnel, with opportunities for growth in leadership and knowledge-sharing in the military cybersecurity context
- Maintain up-to-date knowledge of emerging threats, security best practices, and industry-standard frameworks
Challenge(s) - Maintaining consistent quality under time pressure
- Quickly learning and troubleshooting various tools and platforms
What we are looking for
- Education in Information Security, Computer Science, IT or a related field
- Industry-recognised certifications such as CREST CRT, GPEN, or OSCP
- At least 1 year of hands-on experience in conducting PT and VA, with a strong preference for experience in military or government-focused penetration testing
- Experience conducting security assessments on application infrastructure, networks, and cloud-based systems
- Strong understanding of web application, infrastructure, and network security architecture
- Excellent communication and presentation skills, with a focus on conveying complex security findings to both technical and non-technical stakeholders
- Ability to work independently and collaboratively within cross-functional teams
- Highly analytical, self-driven, and committed to continuous learning and skill enhancement
- Proficiency in scripting languages, such as Python, PowerShell, JavaScript, VBScript, Ruby, or Perl
- Track record of identifying and disclosing vulnerabilities or recognition in Capture-The-Flag (CTF) competitions
- Proficiency with tools such as BurpSuite, Metasploit, Nexpose, Nessus, and other industry-standard penetration testing and vulnerability assessment tools
Appointment will be commensurate with your experience.
Only shortlisted candidates will be notified.
About MINDEF
The mission of MINDEF and the Singapore Armed Forces is to enhance Singapore's peace and security through deterrence and diplomacy, and should these fail, to secure a swift and decisive victory over the aggressor.
The Defence Executive Officer (DXO) scheme is the non-uniformed career scheme of MINDEF that offers myriad opportunities in various job functions, such as corporate communications, cyber security, data analytics and visualisation, defence policy, finance, HR, psychology, and more. Embodying the same level of commitment towards defence, DXOs work together with their military counterparts to contribute to MINDEF/SAF's mission and ensure Singapore's security and stability. United by this common cause, our lines of defence complement each other to secure the prosperity and progress of our nation.
About your application process
This job is closing on 21 Sep 2025.
If you do not hear from us within 4 weeks of the job ad closing date, we seek your understanding that it is likely that we are not moving forward with your application for this role. We thank you for your interest and would like to assure you that this does not affect your other job applications with the Public Service. We encourage you to explore and for other roles within MINDEF or the wider Public Service.
Security Testing Specialist
Posted today
Job Viewed
Job Description
*WHO WE ARE: *
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.
Your Opportunity Starts Here.
Why Join
Protecting our customers' assets and data is at the heart of everything we do at OCBC. As a Security Testing Specialist, you'll play a critical role in safeguarding our systems and networks from cyber threats. You'll be part of a team that's shaping the future of cybersecurity in the financial industry.
How you succeed
To succeed in this role, you'll need to stay one step ahead of emerging threats. You'll work closely with our engineering teams to identify and mitigate risks, and develop strategies to protect our systems and data. You'll need to be proactive, collaborative, and always looking for ways to improve our cybersecurity posture.
What you do
- Perform application penetration testing on web-based applications, APIs
- Perform mobile application penetration testing across different mobile platforms
- Perform network penetration testing on systems.
- Exploit vulnerabilities to gain access and expand access to remote systems.
- Document and explain the technical details of the security issues identified during security assessments and recommend mitigation controls for remediation.
- Research cutting edge security topics and new attack vectors
- Conduct compliance testing on web-based application, mobile applications and thick/thin-client application that meet predetermined Technology Security Standards and other regulatory requirements such as MAS TRMG.
- Conduct secure code review when required
- Perform thick client penetration testing when required
Who you are
- Minimum 3 years of hands-on penetration testing experience for web applications, mobile applications, and APIs
- Experience conducting Secure Code Review
- Degree in computer science/computer engineering/information security or equivalent.
- A working knowledge of all aspects of information security is essential.
- Familiarity of MAS TRMG and other regulatory/industries requirements.
- Good communication (spoken and written) skills, able to work independently and as a team
- Certifications from either GIAC/Offensive Security/CREST required.
- Hands on experience in using Kali Linux, tools such as Burp, Tenable and other penetration testing, and secure code review tools
- Experience in conducting penetration testing for Banks in Singapore will be highly preferred
- Experience in conducting code review for AS400 and legacy mainframe systems will be an advantage
Who we are
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation.
But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.
What we offer
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Equal opportunity. Fair employment. Selection based on ability and fit with our culture and values. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
*What we offer: *
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
Be The First To Know
About the latest Penetration testing Jobs in Singapore !