182 Security Consultant jobs in Singapore

Role Overview

We are seeking a motivated and skilled Security Consultant to join our cybersecurity team. The ideal candidate will have hands-on experience in vulnerability assessment and penetration testing (VAPT), and a strong foundation in offensive security practices. This role requires a proactive individual who can assess, identify, and exploit security vulnerabilities across network and web environments, and provide actionable remediation recommendations to strengthen clients' security posture.

Key Responsibilities

• Conduct network and web application vulnerability assessments and penetration tests (VAPT) to identify and validate security risks.
• Prepare detailed reports outlining findings, risks, and practical remediation strategies.
• Work closely with clients and internal teams to deliver effective security solutions.
• Stay updated with emerging security threats, exploits, and industry best practices.
• Support internal research and development to enhance service offerings.

Requirements

• Nationality: Must be a Singapore Citizen.
• Experience: Minimum 2 years of relevant hands-on security testing experience.
• Certifications (at least one required): OSCP / OSCP+ / CRT
• Strong knowledge of network protocols, web application architecture, and common vulnerabilities (e.g., OWASP Top 10).
• Familiarity with industry-standard tools (e.g., Burp Suite, Metasploit, Nmap, Nessus, etc.).
• Strong analytical and problem-solving skills with attention to detail.
• Excellent communication and report-writing skills.

Good to Have

• Additional offensive security certifications (e.g., OSWE, OSEP, CRTO, CRTL).
• Exposure to source code review, cloud penetration testing and mobile application testing.
• Experience working with government or regulated industry clients.

Why Join Us?

• Opportunity to work on challenging, real-world security engagements.
• Professional growth through advanced projects and certifications.
• Collaborative and knowledge-sharing environment.

Binance is a leading global blockchain ecosystem behind the world's largest cryptocurrency exchange by trading volume and registered users. We are trusted by over 280 million people in 100+ countries for our industry-leading security, user fund transparency, trading engine speed, deep liquidity, and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education, research, payments, institutional services, Web3 features, and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world.

• Lead security assessments and audits focusing on mobile applications and blockchain platforms.
• Ensure the security of iOS applications by applying best practices in SWIFT development and mobile security mechanisms such as secure storage, sandbox isolation, anti-debugging, and Secure Enclave.
• Conduct security reviews and audits of blockchain technologies, including multi-signature wallets, smart contracts, cryptographic algorithms (ECDSA, EdDSA), and private key management.
• Collaborate with development teams to identify security risks and recommend mitigation strategies.
• Provide clear and actionable security guidance, documentation, and training to technical and non-technical stakeholders.
• Support compliance efforts by aligning security practices with industry standards and regulations.
• Act as a part-time consultant when needed, offering expert advice and security strategy support.

• Extensive experience in iOS security, familiar with SWIFT.
• Deep understanding of mobile security mechanisms including secure storage, sandboxing, anti-debugging, and Secure Enclave.
• Proven ability to secure mobile applications throughout the development lifecycle.
• Strong knowledge of blockchain technology and security.
• Experience with multi-signature wallets, smart contract auditing, cryptographic algorithms (ECDSA, EdDSA), and private key management.

• Proficiency in React framework and frontend security, including knowledge of common vulnerabilities such as XSS, CSRF, and SQL injection.
• Experience reviewing frontend code and providing security optimization recommendations.
• Familiarity with Go language development and backend security, including API security, data encryption, authentication/authorization (OAuth, JWT), and prevention of vulnerabilities like RCE and DoS.
• Experience in security auditing and compliance, with knowledge of standards such as OWASP and ISO 27001.
• Strong communication and consulting skills, capable of working as a part-time advisor, delivering security training, and producing clear documentation.

Why Binance

• Shape the future with the world's leading blockchain ecosystem
• Collaborate with world-class talent in a user-centric global organization with a flat structure
• Tackle unique, fast-paced projects with autonomy in an innovative environment
• Thrive in a results-driven workplace with opportunities for career growth and continuous learning
• Competitive salary and company benefits
• Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)

Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success.

By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice .

Company:

Sopra Steria is a listed European tech leader specializing in Consulting, Digital Services, and Software. With 60,000 employees worldwide across Europe, North America and Asia, Singapore serves as the HQ for our APAC operations. We focus on delivering Infrastructure, Cloud and Cybersecurity services across the region.

Description:

For this position, we are looking for an Endpoint Detection Response (EDR) Specialist to join a critical cybersecurity project supporting Singapore's air traffic control infrastructure. You will play a key role in ensuring the successful testing, validation and support of an EDR and Application Control solutions. You will also work closely with the customer and vendor team to review test procedures, support configuration assessments, deliver training and handle change requests during acceptance and assessment phases.

Responsibilities:

• Review and contribute to the EDR and Application Control Acceptance Test Procedure Book (ATPB)
• Support and validate EDR and Application Control configuration
• Review and enhance EDR training materials and the Technical Operator Manual
• Deliver EDR training sessions to customer teams at the Singapore Aviation Academy (SAA)
• Conduct effective knowledge transfer to the project team
• Provide support for Problem Change Requests (PCRs) during Functional and Security Site Acceptance Tests (FSAT/SSAT), Penetration Testing, and Vulnerability Assessments (PEN/VA)
• Participate in regular progress reviews and collaborate closely with stakeholders
  Support delivery of EDR and Application Control capabilities for both ONL (Operational Network Layer) and OFL (Offline Layer) environments

Requirements:

• Proven experience working with EDR solutions and Application Control tools in cybersecurity projects
• Strong understanding of acceptance test procedures and test documentation
• Experience in delivering technical training and knowledge transfer
• Familiarity with problem/change request management in security testing phases
• Excellent communication skills to liaise effectively with clients and vendor teams
• Ability to work independently and proactively manage assigned tasks
• Experience with Carbon Black is huge plus
  Cat 2 Security Clearance

Additional :

• Work location: Singapore Air Traffic Control Centre / Singapore Aviation Academy
• Due to the nature of aviation and air traffic control industry, you may be required to work outside of normal working hours. This is an exciting opportunity to work on systems where uptime, reliability, and security are mission-critical – and where your expertise truly makes a difference.

Benefits:

• Regular team buildings
• 18 leave days / year
• Insurance: GP, Hospitalization, Dental and Optical
• Annual bonus
• Working hours: from 9am to 6pm, Monday to Friday
• Training and certifications paths

Job Summary: We are seeking an experienced Security Consultant to assess, design and implement robust security solutions across enterprise environments, The role involves conducting risk assessments, developing security architecture, advising on compliance frameworks and guiding internal stakeholders to ensure security requirements are met across all systems and applications

Key Responsibilities

• Design, implement, and manage security measures for cloud environments.
• Conduct regular security assessments and audits of cloud infrastructure.
• Collaborate with cross-functional teams to integrate security best practices into cloud-based applications and services.
• Implement and maintain access controls, encryption, and other security features.
• Stay up to date with industry trends and emerging threats to proactively address potential vulnerabilities.
• Develop and document security policies, procedures, and guidelines for cloud environments.

What we are looking for:

• Relevant certifications such as AWS Certified Security - Specialty or Certified Cloud Security Professional (CCSP) are a plus.
• Excellent communication skills and the ability to collaborate with diverse teams.
• Organized, independent and able to work with minimal supervision in a fast-paced working environment and adhere to organizational process and governance.
• Minimum five (5) years of relevant IT experience in deploying and managing application and services on cloud, including the design, development, implementation and/or management of the solution.
• Proven experience as a Cloud Security Engineer or similar role, with a focus on AWS cloud services
• Good knowledge in security
• Strong understanding of cloud platforms such as AWS, Azure, or Google Cloud.
• Proficient in security concepts related to infrastructure as code (IaC) and containerization.
• Experience with security tools and technologies, such as Security Information and Events Management, Data Loss Prevention, Database Activity Monitoring, Data Security and Protection, Privileged Access Management, File Integrity Monitoring, Web Application Firewall, Intrusion Prevent etc.

As a Microsoft Purview Security Consultant, you will play a key role in designing, building, and deploying enterprise-grade information protection solutions for global financial clients. You will lead organizations through the core phases of the data protection journey: discovery, classification, protection, governance, and risk management. Your expertise will ensure end-to-end project coverage for data security across Microsoft 365 environments, including SharePoint Online, OneDrive, Windows File Servers, and NAS—supporting hybrid data landscapes with a consistent, policy-driven approach.

Join us.

You will collaborate with multidisciplinary teams to analyze data flows, gather regulatory, compliance, and business requirements, and translate them into robust technical designs and policy frameworks. You will advise on architecture design for data security, define sensitive information types, and implement data classification strategies that help organizations manage information lifecycles and enforce compliance at scale.

What you will do:

• Provide guidance on designing, implementing, and optimizing Microsoft Purview solutions for data governance, information protection, and compliance.
• Support clients in managing data lifecycles, regulatory controls, and risk mitigation strategies using Microsoft Purview and integrated Microsoft Security technologies.
• Conduct data assessments at scale, developing custom policies and automations to manage sensitive information.
• Collaborate with stakeholders to align Purview deployments with organizational goals, security frameworks, and industry standards.
• Lead workshops and deliver technical enablement sessions on Purview features, best practices, and compliance scenarios.
• Develop dashboards and reports to provide actionable insights on data risks, compliance posture, and governance performance.
• Promote the adoption of data governance policies and foster a culture of security and trust within client organizations.

Job requirements

• Bachelor's degree in computer science or any equivalent
• Must have 5+ years of experience in data governance and security with expertise in Microsoft Purview Information Protection.
• In-depth knowledge of data classification, DLP (Data Loss Prevention), and regulatory frameworks such as GDPR, HIPAA, and CCPA.
• Proven ability to implement and fine-tune Purview in diverse environments, including hybrid and multi-cloud ecosystems.
• Proficiency in scripting and automation (PowerShell, Azure Logic Apps) for policy enforcement and data protection.
• Consulting experience with stakeholder engagement and client relationship management.
• Excellent communication, presentation, and documentation skills to translate technical solutions into business value.
• Microsoft Certified: Information Protection and Compliance Administrator Associate (SC-400).
• Must have certifications: SC-100, CISSP, CISM.
• Analytical and problem-solving skills with the ability to handle complex security incidents.
• Experience with cloud security concepts and Microsoft Azure security services.
• A track record of successful client engagements and project delivery in a consulting environment.

Thank you for your interest

We respect your privacy and all communication will be treated with confidentiality. If you wish to know more about this position or explore other roles, please prepare your updated profile and get in touch with our consultant at

Cristina Malabuyoc Malijan EA License No. 02C3423 Personnel Registration No. R

Please note that your response to this advertisement and communications with us pursuant to this advertisement will constitute informed consent to the collection, use and/or disclosure of personal data by ManpowerGroup Singapore for the purpose of carrying out its business, in compliance with the relevant provisions of the Personal Data Protection Act 2012. To learn more about ManpowerGroup's Global Privacy Policy, please visit

Company:

Sopra Steria is a listed European tech leader specializing in Consulting, Digital Services, and Software. With 60,000 employees worldwide across Europe, North America and Asia, Singapore serves as the HQ for our APAC operations. We focus on delivering Infrastructure, Cloud and Cybersecurity services across the region.

Description:

For this position, we are looking for an Endpoint Detection Response (EDR) Specialist to join a critical cybersecurity project supporting Singapore's air traffic control infrastructure. You will play a key role in ensuring the successful testing, validation and support of an EDR and Application Control solutions. You will also work closely with the customer and vendor team to review test procedures, support configuration assessments, deliver training and handle change requests during acceptance and assessment phases.

Responsibilities:

• Review and contribute to the EDR and Application Control Acceptance Test Procedure Book (ATPB)
• Support and validate EDR and Application Control configuration
• Review and enhance EDR training materials and the Technical Operator Manual
• Deliver EDR training sessions to customer teams at the Singapore Aviation Academy (SAA)
• Conduct effective knowledge transfer to the project team
• Provide support for Problem Change Requests (PCRs) during Functional and Security Site Acceptance Tests (FSAT/SSAT), Penetration Testing, and Vulnerability Assessments (PEN/VA)
• Participate in regular progress reviews and collaborate closely with stakeholders
  Support delivery of EDR and Application Control capabilities for both ONL (Operational Network Layer) and OFL (Offline Layer) environments

Requirements:

• Proven experience working with EDR solutions and Application Control tools in cybersecurity projects
• Strong understanding of acceptance test procedures and test documentation
• Experience in delivering technical training and knowledge transfer
• Familiarity with problem/change request management in security testing phases
• Excellent communication skills to liaise effectively with clients and vendor teams
• Ability to work independently and proactively manage assigned tasks
• Experience with Carbon Black is huge plus
  Cat 2 Security Clearance

Additional :

• Work location: Singapore Air Traffic Control Centre / Singapore Aviation Academy
• Due to the nature of aviation and air traffic control industry, you may be required to work outside of normal working hours. This is an exciting opportunity to work on systems where uptime, reliability, and security are mission-critical – and where your expertise truly makes a difference.

Benefits:

• Regular team buildings
• 18 leave days / year
• Insurance: GP, Hospitalization, Dental and Optical
• Annual bonus
• Working hours: from 9am to 6pm, Monday to Friday
• Training and certifications paths

Role Overview

We are seeking a motivated and skilled Security Consultant to join our cybersecurity team. The ideal candidate will have hands-on experience in vulnerability assessment and penetration testing (VAPT), and a strong foundation in offensive security practices. This role requires a proactive individual who can assess, identify, and exploit security vulnerabilities across network and web environments, and provide actionable remediation recommendations to strengthen clients' security posture.

Key Responsibilities

• Conduct network and web application vulnerability assessments and penetration tests (VAPT) to identify and validate security risks.
• Prepare detailed reports outlining findings, risks, and practical remediation strategies.
• Work closely with clients and internal teams to deliver effective security solutions.
• Stay updated with emerging security threats, exploits, and industry best practices.
• Support internal research and development to enhance service offerings.

Requirements

• Nationality: Must be a Singapore Citizen.
• Experience: Minimum 2 years of relevant hands-on security testing experience.
• Certifications (at least one required): OSCP / OSCP+ / CRT
• Strong knowledge of network protocols, web application architecture, and common vulnerabilities (e.g., OWASP Top 10).
• Familiarity with industry-standard tools (e.g., Burp Suite, Metasploit, Nmap, Nessus, etc.).
• Strong analytical and problem-solving skills with attention to detail.
• Excellent communication and report-writing skills.

Good to Have

• Additional offensive security certifications (e.g., OSWE, OSEP, CRTO, CRTL).
• Exposure to source code review, cloud penetration testing and mobile application testing.
• Experience working with government or regulated industry clients.

Why Join Us?

• Opportunity to work on challenging, real-world security engagements.
• Professional growth through advanced projects and certifications.
• Collaborative and knowledge-sharing environment.

Job Summary: We are seeking an experienced Security Consultant to assess, design and implement robust security solutions across enterprise environments, The role involves conducting risk assessments, developing security architecture, advising on compliance frameworks and guiding internal stakeholders to ensure security requirements are met across all systems and applications

Key Responsibilities

• Design, implement, and manage security measures for cloud environments.
• Conduct regular security assessments and audits of cloud infrastructure.
• Collaborate with cross-functional teams to integrate security best practices into cloud-based applications and services.
• Implement and maintain access controls, encryption, and other security features.
• Stay up to date with industry trends and emerging threats to proactively address potential vulnerabilities.
• Develop and document security policies, procedures, and guidelines for cloud environments.

What we are looking for:

• Relevant certifications such as AWS Certified Security - Specialty or Certified Cloud Security Professional (CCSP) are a plus.
• Excellent communication skills and the ability to collaborate with diverse teams.
• Organized, independent and able to work with minimal supervision in a fast-paced working environment and adhere to organizational process and governance.
• Minimum five (5) years of relevant IT experience in deploying and managing application and services on cloud, including the design, development, implementation and/or management of the solution.
• Proven experience as a Cloud Security Engineer or similar role, with a focus on AWS cloud services
• Good knowledge in security
• Strong understanding of cloud platforms such as AWS, Azure, or Google Cloud.
• Proficient in security concepts related to infrastructure as code (IaC) and containerization.
• Experience with security tools and technologies, such as Security Information and Events Management, Data Loss Prevention, Database Activity Monitoring, Data Security and Protection, Privileged Access Management, File Integrity Monitoring, Web Application Firewall, Intrusion Prevent etc.

Direct message the job poster from Howden

At Howden, we employ talented individuals and empower them to make a real difference to the company, whilst building successful and fulfilling careers.

The entrepreneurial atmosphere is one of the biggest reason people love to work for us. We are a leading independent, global insurance brokers but have a noticeably flat hierarchy. It doesn’t matter how junior or senior, anyone with a good idea will be heard. This means our employees can shape their own career paths and determine their own success.

This atmosphere attracts the brightest talent in the market. If that includes you, get in touch.

Job role: Senior Security Consultant (M&A Architecture Focus)

Department: Information Security / Enterprise Architecture

Report to: Group Deputy Chief Information Security Officer

A LEADING GLOBAL INDEPENDENT BROKER

Howden is a specialist commercial insurance broker. Its regional footprint covers Singapore (regional headquarters),

Malaysia, Hong Kong, Indonesia, Thailand, and Philippines. It is part of the London-headquartered Howden Broking Group, a leading independent, global broker with offices in over 40 countries worldwide.

About the Role:

We are looking for a highly skilled and experienced Senior Security Consultant to join our dynamic and fast-growing security team. This pivotal role blends deep technical proficiency in cybersecurity with strategic leadership in Mergers & Acquisitions (M&A) initiatives. As a trusted security advisor, you will be instrumental in evaluating the security posture of target organizations, identifying potential risks, and ensuring seamless integration of security frameworks post-acquisition.

You will lead the end-to-end security lifecycle of M&A activities from due diligence and risk analysis to integration planning and execution. Your work will directly influence the organization’s ability to scale securely, maintain compliance, and protect critical assets during periods of rapid change. This role requires a unique combination of technical depth, business acumen, and cross-functional collaboration, making it ideal for professionals who thrive in complex, high-impact environments.

Key Responsibilities:

Security Analysis & Architecture

• Conduct In-Depth Security Assessments of Systems, Networks, and Applications: Perform comprehensive evaluations of both on-premises and cloud-based environments to identify vulnerabilities, misconfigurations, and potential attack vectors. Utilize tools such as vulnerability scanners, penetration testing frameworks, and manual review techniques to assess the security posture of critical assets. Deliver detailed reports with prioritized findings and actionable remediation recommendations.
• Design and Recommend Security Controls and Architecture Improvements: Develop and propose robust security architectures that align with industry best practices and organizational risk tolerance. This includes designing secure network topologies, implementing zero-trust principles, and recommending controls such as encryption, multi-factor authentication, and intrusion detection/prevention systems. Work closely with enterprise architects to ensure security is embedded into the design phase of all technology initiatives.
• Collaborate with IT, DevOps, and Business Units to Ensure Secure Design and Implementation of Systems: Act as a security advisor throughout the system development lifecycle (SDLC), participating in design reviews, threat modeling sessions, and change management processes. Partner with DevOps teams to integrate security into CI/CD pipelines (DevSecOps), ensuring automated testing and compliance checks. Provide guidance to business stakeholders on balancing security requirements with operational needs and user experience.

M&A Security Integration

• Lead Security Due Diligence Efforts:Spearhead comprehensive security evaluations during M&A activities, including pre-acquisition risk assessments, gap analyses, and compliance reviews. Collaborate with legal, IT, and business teams to identify potential security liabilities, regulatory exposures, and integration challenges. Ensure that all findings are documented and communicated effectively to executive stakeholders.
• Develop and Execute Security Integration Plans: Create tailored security integration strategies for newly acquired entities, aligning them with the organization’s overarching security architecture and governance frameworks. This includes harmonizing policies, access controls, identity management systems, and incident response protocols. Oversee the execution of these plans, ensuring minimal disruption to business operations and maintaining a strong security posture throughout the transition.
• Identify and Mitigate Legacy and Third-Party Risks: Conduct thorough assessments of legacy systems, inherited infrastructure, and third-party vendor relationships to uncover vulnerabilities and compliance gaps. Implement remediation plans that may include system upgrades, vendor renegotiations, or decommissioning of outdated technologies. Ensure secure data migration practices and validate that sensitive information is protected during transfer and integration.
• Post-Merger Monitoring and Optimization: Establish post-merger security monitoring protocols to detect anomalies and ensure ongoing compliance. Use metrics and KPIs to evaluate the effectiveness of integration efforts and identify areas for continuous improvement. Provide regular updates to senior leadership and contribute to post-acquisition reviews and lessons-learned sessions.
• Stakeholder Engagement and Communication: Act as a liaison between technical teams and business units during M&A processes, translating complex security requirements into actionable business terms. Facilitate workshops and training sessions to onboard acquired teams into the organization’s security culture and practices.
• Ensure compliance with industry standards (e.g., ISO 27001, NIST, DORA, SOC 2, GDPR).
• Support internal and external audits related to security controls and M&A activities.
• Maintain documentation and reporting for security assessments and integration efforts.
• Act as a trusted advisor to senior leadership on security risks and strategies during M&A.
• Mentor junior analysts and contribute to the development of security best practices.
• Participate in incident response and threat modeling exercises as needed.

Qualifications

Required :

• 7+ years of experience in cybersecurity, with at least 2 years in a senior or lead role.
• Proven experience in M&A security assessments and post-acquisition integration.
• Strong understanding of enterprise security architecture, cloud security (AWS, Azure, GCP), and network security.
• Familiarity with regulatory and compliance frameworks (e.g., GDPR, HIPAA, PCIDSS).
• Excellent communication and stakeholder management skills.

Preferred:

• Certifications such as CISSP, CISM, CCSP, or SABSA.
• Experience with security tools such as SIEM, DLP, vulnerability scanners, and EDR platforms.
• Background in enterprise architecture or solution architecture is a plus.

YOUR BENEFITS AND SALARY:

• Commensurate with qualification and experience
• Working in a collaborative environment with excellent learning opportunities
• Possibility of moving to a permanent role at the end of the 12 months if you can prove yourself to be adding value to our business.

DATA PROTECTION NOTICE FOR JOB APPLICANTS

This Data Protection Notice (“Notice”) sets out the basis upon which Howden Insurance Brokers (S.) Pte. Limited (“we”, “us” or “our”) may collect, use, disclose or otherwise process personal data of job applicants in accordance with the Personal Data Protection Act (“PDPA”). This Policy applies to personal data in our possession or under our control, including personal data in the possession of organizations which we have engaged to collect, use, disclose or process personal data for our purposes.”

For more information, please refer to the link below.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Insurance

Referrals increase your chances of interviewing at Howden by 2x

Get notified about new Security Consultant jobs in Singapore, Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.