9 Security Assessments jobs in Singapore

As a Cybersecurity Professional, you will be part of an international connected team of specialists helping clients with their most complex cybersecurity needs and contributing toward their business resilience.

Our role offers a unique chance to build a career as unique as you are, with global scale support inclusive culture and technology to become the best version of you. We value your unique voice and perspective to help us become even better too.

• Perform web application penetration testing
• Perform mobile application penetration testing
• Perform IT and OT network penetration testing
• Perform IOT penetration testing,
• Perform source code reviews
• Perform red team assessments
• Conduct social engineering exercises

Key skills for this position include:

• Communication – Demonstrate that you listen understand before responding
• Knowledgeable – Demonstrate deep technical capabilities and understanding of the client's problems.
• Curiosity – Be proactive learn fast seek to identify issues that others might miss.
• Integrity – Conduct yourself as per our values, and do not be afraid to admit mistakes.
• Impact – Consistently deliver exceptional quality work that positively impacts the projects that you are on.
• Teamwork – You seek to ensure that the team succeeds, rather than only yourself.

This is an exciting opportunity to take your passion for cybersecurity to the next level and make a real difference in the lives of our clients.

We offer flexible working arrangements and a diverse inclusive culture where you'll be empowered to use your voice to help others find theirs.

Job Description:

• Design and perform tests and check cases to determine if infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorisation, and non-repudiation standards.
• Translate requirements into test plan, write and execute test scripts or codes in line with standards and procedures to determine vulnerability to attacks.
• Certify infrastructure components, systems and applications that meet security standards.

Requirements:

• Minimum total three years’ work experience as Penetration Testing Specialist

Job Description:

• Design and perform tests and check cases to determine if infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorisation, and non-repudiation standards.
• Translate requirements into test plan, write and execute test scripts or codes in line with standards and procedures to determine vulnerability to attacks.
• Certify infrastructure components, systems and applications that meet security standards.

Requirements:

• Minimum total seven years’ work experience as Penetration Testing Specialist

Position Overview
The
Penetration Testing function
will be responsible for planning and overseeing the delivery of testing and certification services, or designing and performing tests and check cases to determine if infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorisation and non-repudiation standards. He/she translates requirements into test plans, writes and executes test scripts or codes in line with standards and procedures to determine vulnerability from attacks. He/she certifies infrastructure components, systems and applications that meet security standards. Where required, he/she will report on testing outcomes and activities, provide recommendations and manages stakeholder expectations, and ensure compliance with assessment and testing standards, processes and tools. He/She will also help to develop the organisational security testing capability and support knowledge management.
Role & Responsibilities
Operate a hands-on role involving Penetration testing and Vulnerability assessment of the ICT systems (i.e. Web, Mobile, Thick Client, Network).
Plan and create penetration testing methods, scripts, and tests.
Carry out scoping activities to identify what components of a given system require penetration testing
Define test requirements and criteria to carry out the Penetration Testing.
Create reports and recommendations from findings, security issues and level of Risk.
Advise on methods to fix or lower security risks to Development Team.
Present findings, Risks, and conclusions to stakeholders.
Automate penetration testing activities to save time and effort.
Be a mentor and carry out training sessions to new joiners and junior resources on Penetration Testing activities.
Involves on the Security Testing and other Tools procurement activities.
Work on the Penetration Testing Process improvement areas.
Requirements
5+ years of relevant experience including Penetration Testing on (Web Application, Mobile, Thick Client and Infrastructure applications)
Business risk along with good reporting writing and client presentation skills. Consulting experience within a Professional Services organization.
Strong analytical skills and ability to work independently.
Have a strong sense of responsibility towards delivery of project objectives
Equipped with programming skills in at least one of following programming language/environment such as SAP, ABAP, .NET, Python, Ruby, JAVA or Regular expression.
Experience in healthcare industry will be an added advantage.
Must have the OSCP or CREST-CRT Certifications.Any other Certifications like OSCE, CISSP would be advantage.
Would be a good team player.
Excellent verbal and written communication skills.
NOTE: It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!
#J-18808-Ljbffr

We are looking to recruit a Research Assistant for the project “AI for Cybersecurity – Automatic Agentic Penetration Testing”, which will be hosted at the Institute of Data Science (IDS), National University of Singapore (NUS) and led by Prof Ng See Kiong.
This project advances state-of-the-art AI methods to create effective AI agents for automated penetration testing. Selected candidates will contribute to deep AI research as well as focused translational work and system development for real-world users and industry partners.
Overview
The Research Assistant will support research and engineering activities in AI for automated, responsible penetration testing. You will help design, implement, and evaluate agentic AI approaches; build and maintain software prototypes and experimental testbeds; and assist with data, documentation, and stakeholder engagement. This role provides hands-on experience across AI research, cybersecurity tooling, and practical deployment at IDS.
Job Description
Job Summary: The Research Assistant will support research and engineering activities in AI for automated, responsible penetration testing.
Responsibilities
Design and write robust, readable, and reusable code components and applications to implement state-of-the-art research outcomes in cybersecurity, machine learning, artificial intelligence, and big data.
Perform data engineering tasks including data cleansing and processing for analysis of real-world datasets.
Assist with the editing and preparation of manuscripts, reports and presentations.
Participate in presentations and demos for exhibiting work at appropriate events.
Qualifications
Bachelors or Masters in Computer Science with a focus in Cybersecurity, AI, Machine Learning and Big Data.
Solid programming and application development skills (Python preferred) and experience with ML frameworks (e.g., PyTorch, TensorFlow) and modern development practices (Git, testing, CI/CD).
Ability to develop robust systems and prototypes with fast turn-around.
Possesses research background with ability to read and understand methodologies in research papers.
Fluent in English and good team-player.
Prior AI expertise with knowledge and interest in cybersecurity applications (e.g., penetration testing, vulnerability discovery, secure software engineering) and LLM-based agents is preferred.
Please include links to your GitHub repositories showcasing your best project relevant to these topics in your CV/cover letters. We regret that only shortlisted candidates will be notified.
#J-18808-Ljbffr

Interested applicants are invited to apply directly at the NUS Career Portal
Your application will be processed only if you apply via NUS Career Portal
We regret that only shortlisted candidates will be notified.
Overview
We are looking to recruit a Research Fellow for the project “AI for Cybersecurity – Automatic Agentic Penetration Testing”, which will be hosted at the Institute of Data Science (IDS), National University of Singapore (NUS) and led by Prof Ng See Kiong. This project advances state-of-the-art AI methods to create effective AI agents for automated penetration testing. Selected candidates will contribute to deep AI research as well as focused translational work and system development for real-world users and industry partners.
Only shortlisted candidates will be notified. Please include links to your GitHub repositories showcasing your best project relevant to these topics in your CV/cover letters.
Job Description
Job Summary : The Research Fellow will be responsible for undertaking in-depth research and innovation in machine learning, data science, and artificial intelligence on cybersecurity that leads to publications in top-tier international conferences and journals, as well as real-world implementations. The role includes designing novel algorithms, building robust software systems, and collaborating with stakeholders to translate research into practical tools and workflows. Candidates will be working alongside researchers and practitioners in AI, cybersecurity, and software engineering.
Responsibilities:
Develop new concepts and algorithms in data science, machine learning, and artificial intelligence for cybersecurity and automated penetration testing.
Ability to work in a face-paced research environment.
Be up to date on state-of-the-art methodologies in related technical fields and application domains.
Develop ideas for application of research outcomes.
Contribute to knowledge exchange activities with external partners and collaborators.
Requirements
PhD in Computer Science, with specialization related to cybersecurity, machine learning, data mining or artificial intelligence.
Proven ability to conduct independent research with a strong and relevant publication record.
Prior AI expertise with a strong publication track record in areas such as machine learning, deep learning, reinforcement learning or LLMs/agents.
Knowledge and demonstrable interest in cybersecurity applications (e.g., penetration testing, vulnerability discovery).
Proficiency in programming and software engineering (Python preferred), including experience with ML frameworks (e.g., PyTorch, TensorFlow).
Excellent interpersonal communication and oral presentation skills in English.
#J-18808-Ljbffr

MINDEF

Permanent

Closing on 21 Sep 2025

What the role is

You will play a pivotal role in safeguarding Singapore's defence and security interests by conducting comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications.

What you will be working on

• Conduct comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications
• Develop tailored security assessment tools and scripts to enhance testing capabilities and address evolving threat vectors
• Document findings, conduct analysis, and prepare detailed technical reports, including executive summaries for various stakeholders
• Collaborate with security engineers, developers, and other stakeholders to provide actionable guidance on remediating identified security risks and vulnerabilities
• Provide expertise in the design and implementation of security controls across applications, infrastructure, and network systems
• Develop and deliver specialised training and awareness programs to elevate the cybersecurity capabilities of the SAF personnel, with opportunities for growth in leadership and knowledge-sharing in the military cybersecurity context
• Maintain up-to-date knowledge of emerging threats, security best practices, and industry-standard frameworks
  Challenge(s)
• Maintaining consistent quality under time pressure
• Quickly learning and troubleshooting various tools and platforms

What we are looking for

• Education in Information Security, Computer Science, IT or a related field
• Industry-recognised certifications such as CREST CRT, GPEN, or OSCP
• At least 1 year of hands-on experience in conducting PT and VA, with a strong preference for experience in military or government-focused penetration testing
• Experience conducting security assessments on application infrastructure, networks, and cloud-based systems
• Strong understanding of web application, infrastructure, and network security architecture
• Excellent communication and presentation skills, with a focus on conveying complex security findings to both technical and non-technical stakeholders
• Ability to work independently and collaboratively within cross-functional teams
• Highly analytical, self-driven, and committed to continuous learning and skill enhancement
• Proficiency in scripting languages, such as Python, PowerShell, JavaScript, VBScript, Ruby, or Perl
• Track record of identifying and disclosing vulnerabilities or recognition in Capture-The-Flag (CTF) competitions
• Proficiency with tools such as BurpSuite, Metasploit, Nexpose, Nessus, and other industry-standard penetration testing and vulnerability assessment tools
  Appointment will be commensurate with your experience.
  Only shortlisted candidates will be notified.

About MINDEF

The mission of MINDEF and the Singapore Armed Forces is to enhance Singapore's peace and security through deterrence and diplomacy, and should these fail, to secure a swift and decisive victory over the aggressor.
The Defence Executive Officer (DXO) scheme is the non-uniformed career scheme of MINDEF that offers myriad opportunities in various job functions, such as corporate communications, cyber security, data analytics and visualisation, defence policy, finance, HR, psychology, and more. Embodying the same level of commitment towards defence, DXOs work together with their military counterparts to contribute to MINDEF/SAF's mission and ensure Singapore's security and stability. United by this common cause, our lines of defence complement each other to secure the prosperity and progress of our nation.

About your application process

This job is closing on 21 Sep 2025.

If you do not hear from us within 4 weeks of the job ad closing date, we seek your understanding that it is likely that we are not moving forward with your application for this role. We thank you for your interest and would like to assure you that this does not affect your other job applications with the Public Service. We encourage you to explore and for other roles within MINDEF or the wider Public Service.

Military Security Department

Permanent

What the role is

You will be part of a team that conducts audits and evaluates risk-handling of MINDEF/ SAF'S information.

What you will be working on

You will be part of a team to formulate and review risk assessment frameworks and indicators; conduct security risk assessments of industries and qualify industries and facilities to handle classified information. You will also be mitigating risks to an acceptable level.

What we are looking for

You should have a tertiary education, be resourceful and possess good interpersonal and communication skills. Prior experience in security management/risk assessment would be advantageous.

About Military Security Department

The Military Security Department (MSD)'s core business is in Counter Intelligence and internal security for MINDEF/SAF. MSD was formed in 1975 to counter the threats of espionage, subversion and sabotage against MINDEF/SAF. It began with two main entities, namely the Counter Intelligence Branch (CIB) and Field Security Branch (FSB). Over the years, the department has continued to evolve and our roles expanded in tandem with the changing security environment. Today, our roles also include Counter Terrorism and Cyber Security.

About your application process

If you do not hear from us within 4 weeks of the job ad closing date, we seek your understanding that it is likely that we are not moving forward with your application for this role. We thank you for your interest and would like to assure you that this does not affect your other job applications with the Public Service. We encourage you to explore and for other roles within Military Security Department or the wider Public Service.