538 Security Testing jobs in Singapore

Overview
Risk Services - Cyber Security Testing Associate - 2026 Intake. At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at
Our Risk Services Team provides an invaluable safeguard in today’s complex operating environment with insights and independent assurance. We work with clients to deliver business control to help them protect and strengthen every aspect of their business from people to performance, systems to strategy, business plans to business resilience. We help clients manage, mitigate and control risks from potential cybersecurity breaches to possible breaks in the supply chain. We assess and prepare businesses by looking into their technology, finance, data analytics, regulatory requirements, data security and privacy, internal audit, and the third parties our clients rely on, to help clients deliver quality results and meet their strategic objectives. We work with our clients to build trust across their digital/technology-enabled businesses and address areas such as the loss or misuse of important data, failure to react to changes in the market, implementing and reviewing systems or business processes, while also verifying that third-party providers effectively manage and control current and future cybersecurity threats through rigorous penetration testing and red teaming exercises. In the Cybersecurity team, we help clients to achieve their business objectives by providing various services such as penetration testing, red teaming, source code review, etc.
Responsibilities
Penetration Testing – identify and exploit vulnerabilities to help clients secure assets and protect sensitive data, with hands-on experience and professional growth.
Red Teaming – simulate adversary tactics to test organizational defenses, focusing on achieving objectives, conducting covert operations, and maintaining long-term access to compromised systems.
Cybersecurity Assessment – assess clients’ security posture through host configuration reviews against industry benchmarks, source code reviews, architecture reviews, and cybersecurity risk assessment.
Qualifications
Computer Science, Computer Engineering, and Information Technology students from reputable local and overseas universities
Strong fundamental knowledge of information technology and cyber security
Knowledge of security testing tools (e.g. Kali Linux, Covenant, Metasploit, nmap, Burp Suite, etc.)
Willingness to develop professionally and contribute to a team
Highly motivated, enthusiastic, confident, and creative with strong interpersonal and communication skills
Critical thinking and problem solving
Commitment to teamwork and excellence
Knowledge of scripting languages (e.g. Bash, Python)
Penetration testing certifications (e.g. CEH, CRT, OSCP) is an advantage
Participation in CTF, disclosed information security flaws, CVE publications, or offensive security research is an advantage
Additional Information
Available for work visa sponsorship: Yes
Government clearance required: No
Job Posting End Date: (not specified in description)
Education: Degrees/Field of Study required and preferred not specified
Experience level: Internship
Employment type: Full-time
Job function: Other
Industry: Accounting
For questions, email
#J-18808-Ljbffr

Position Overview
The
Penetration Testing function
will be responsible for planning and overseeing the delivery of testing and certification services, or designing and performing tests and check cases to determine if infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorisation and non-repudiation standards. He/she translates requirements into test plans, writes and executes test scripts or codes in line with standards and procedures to determine vulnerability from attacks. He/she certifies infrastructure components, systems and applications that meet security standards. Where required, he/she will report on testing outcomes and activities, provide recommendations and manages stakeholder expectations, and ensure compliance with assessment and testing standards, processes and tools. He/She will also help to develop the organisational security testing capability and support knowledge management.
Role & Responsibilities
Operate a hands-on role involving Penetration testing and Vulnerability assessment of the ICT systems (i.e. Web, Mobile, Thick Client, Network).
Plan and create penetration testing methods, scripts, and tests.
Carry out scoping activities to identify what components of a given system require penetration testing
Define test requirements and criteria to carry out the Penetration Testing.
Create reports and recommendations from findings, security issues and level of Risk.
Advise on methods to fix or lower security risks to Development Team.
Present findings, Risks, and conclusions to stakeholders.
Automate penetration testing activities to save time and effort.
Be a mentor and carry out training sessions to new joiners and junior resources on Penetration Testing activities.
Involves on the Security Testing and other Tools procurement activities.
Work on the Penetration Testing Process improvement areas.
Requirements
5+ years of relevant experience including Penetration Testing on (Web Application, Mobile, Thick Client and Infrastructure applications)
Business risk along with good reporting writing and client presentation skills. Consulting experience within a Professional Services organization.
Strong analytical skills and ability to work independently.
Have a strong sense of responsibility towards delivery of project objectives
Equipped with programming skills in at least one of following programming language/environment such as SAP, ABAP, .NET, Python, Ruby, JAVA or Regular expression.
Experience in healthcare industry will be an added advantage.
Must have the OSCP or CREST-CRT Certifications.Any other Certifications like OSCE, CISSP would be advantage.
Would be a good team player.
Excellent verbal and written communication skills.
NOTE: It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!
#J-18808-Ljbffr

• Deploy and maintain F5 systems with expertise in LTM, WAF, and API modules.
• Implement and manage Azure Cloud security, including APIM gateways.
• Configure, implement, and maintain network security solutions, focusing on Cisco FTD, FMC, and firewalls.
• Develop, implement, and enforce granular security policies across F5, firewalls, and APIM gateways.
• Conduct periodic policy rule base reviews, cleanups, and optimizations to strengthen security posture and network performance.
• Integrate and configure F5 solutions to support application delivery and enforce security rules.
• Prepare detailed documentation, including network diagrams, configurations, and standard operating procedures (SOPs).
• Collaborate with cross-functional teams to align security policies with business objectives.

• 5+ Years of Experience is required

• Relevant certifications in identity and access management (such as CISSP, CISM, CISA, CGEIT, or vendor-specific certifications) would be advantageous.

• Professional audit certifications such as CIA (Certified Internal Auditor) or CISA (Certified Information Systems Auditor) would be highly beneficial.

• Experience with automation tools and scripting to improve operational efficiency would be beneficial.

• Knowledge of Singapore Government security standards and compliance frameworks would be an added advantage.

• Familiarity with GRC (Governance, Risk, and Compliance) platforms and audit management systems would be preferred.

Technical Experience

• Proven experience in Identity and Access Management, with particular expertise in user access reviews and privileged access management systems such as CyberArk.

• Hands-on experience with enterprise identity management platforms and access governance tools.

• Strong understanding of identity governance principles, including role-based access control (RBAC), segregation of duties, and principle of least privilege.

• Experience with identity management lifecycle processes including provisioning, de-provisioning, and access certification.

IAM Audit and Assessment Skills

• Demonstrated experience in conducting IAM audits and access assessments across complex enterprise environments.

• Proficiency in audit methodologies and frameworks specific to identity and access management, including COBIT, COSO, and ITIL.

• Strong analytical skills with ability to identify patterns, anomalies, and potential security risks through data analysis and system reviews.

• Experience with audit tools and technologies for automated access analysis, reporting, and compliance monitoring.

• Knowledge of forensic analysis techniques for investigating access-related security incidents and policy violations.

• Ability to develop and execute comprehensive audit programmes covering all aspects of identity lifecycle management.

Process Management Skills

• Demonstrated ability to manage complex, multi-stakeholder processes with high attention to detail and accuracy.

• Experience in coordinating with diverse stakeholder groups to achieve compliance and operational objectives within tight timeframes.

• Strong project management skills with ability to handle multiple concurrent initiatives whilst maintaining quality standards.

• Experience in process documentation, improvement, and standardisation activities.

Compliance and Risk Management

• Knowledge of regulatory compliance requirements related to access management and data protection, including GDPR, SOX, and industry-specific regulations.

• Understanding of risk assessment methodologies and ability to identify and mitigate identity-related security risks.

• Experience supporting audit activities and maintaining comprehensive audit trails for access management activities.

• Knowledge of compliance frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, and COBIT.

Documentation and Reporting

• Strong technical writing skills with ability to produce clear, comprehensive audit reports and compliance documentation.

• Experience in creating executive-level reporting and dashboards for IAM metrics and compliance status.

• Ability to translate complex technical findings into business impact assessments and actionable recommendations.

• Proficiency in data visualisation tools and techniques for presenting audit findings and compliance metrics.

Communication and Stakeholder Management

• Excellent interpersonal and communication skills with ability to work effectively with stakeholders at all organisational levels.

• Strong problem-solving abilities with experience in exception handling and issue resolution.

• Ability to translate technical concepts into business language for non-technical stakeholders.

• Experience in managing audit relationships and coordinating with external auditors and regulatory bodies.

What you'll be doing

• Design, deploy, and configure CyberArk solutions to protect our critical systems and data
• Manage and maintain the CyberArk platform, including user accounts, policies, and privileged access controls
• Perform security audits and risk assessments to identify and mitigate potential vulnerabilities
• Collaborate with cross-functional teams to integrate CyberArk into our existing security infrastructure
• Provide training and support to users on CyberArk best practices and policies
• Stay up to date with the latest CyberArk developments and industry security trends
• Continuously optimise and enhance our CyberArk implementation to ensure maximum effectiveness

What we're looking for

• Minimum 1 year of experience as a Security Engineer or similar role, with a strong focus on CyberArk implementation and administration
• Proficient in designing, deploying, and managing CyberArk solutions, including PVWA, PAS, PSM, and CPM
• Excellent understanding of security best practices, privileged access management, and identity and access management concepts
• Experience in integrating CyberArk with other security tools and applications
• Strong problem-solving and analytical skills, with the ability to identify and resolve complex security issues
• Good communication skills to effectively collaborate with cross-functional teams and provide training to end-users
• Relevant certifications, such as CyberArk Certified Implementation Engineer (CCIE) or CyberArk Certified Security Expert (CCSE), are preferred

Interested candidates who wish to apply for the advertised position, please email us an updated copy of your resume.

Email Address:

EA License No.: 13C6305

Reg No: R HIEW CHAI SYIN)

For candidate who applied for the advertised position is deemed to have consented to us that we may collect, use or disclose your personal information for purpose in connection with the services provided by us.

Security Engineer

Location: West Singapore

Industry: Security Systems / Facilities Management

Employment Type: Full-time | Permanent

About the Role

As a Security Engineer, you will be responsible for responding to intrusion alarm system activations, performing maintenance servicing, and commissioning alarm systems. The role also includes attending to customer requests on alarm and card access systems, and conducting night patrols. This position requires working on 12-hour rotating shifts.

Key Responsibilities

• Respond to intrusion alarm system activations.
• Perform maintenance servicing and commissioning of alarm systems.
• Handle customer requests for alarm and card access systems.
• Conduct regular patrols during night shifts.
• Ensure all work is performed in compliance with security and safety standards.

Requirements

• Higher Nitec or above.
• 1–2 years of working experience preferred.
• Enhanced Basic Security certification will be an added advantage.
• High energy with good interpersonal and communication skills.
• Valid Class 3 driving license with clean record.

Salary & Benefits

• Based on 16 shifts per month (12-hour rotating shifts).
• Monthly gross salary with progression based on qualifications.
• Performance incentive.
• Annual Wage Supplement (AWS) – 1 month.
• Variable bonus (subject to company performance).
• Overtime opportunities.
• Insurance, medical coverage, and salary increment.

Why Join

• Competitive salary with allowances and incentives.
• Clear salary progression based on qualifications.
• Exposure to a wide portfolio of security systems and operations.
• Career development opportunities in the security industry.

Apply now with your updated CV to be considered for this opportunity.

Job Types: Full-time, Permanent

Pay: $2, $3,200.00 per month

Benefits:

• Additional leave
• Professional development

Work Location: In person

About the role

As a Security Engineer at VSTECS (SINGAPORE) PTE. LTD.', you will play a crucial role in safeguarding the company's information assets and digital infrastructure. In this full-time position based in the Lavender area of the Central Region, you will be responsible for designing, implementing, and maintaining robust security solutions to protect the organisation from cyber threats.

What you'll be doing

• Analyse and assess the company's security posture, identifying vulnerabilities and implementing appropriate countermeasures
• Design, configure, and manage security systems, including firewalls, intrusion detection/prevention systems, and access control mechanisms
• Develop and maintain security policies, standards, and procedures to ensure compliance with industry regulations and best practices
• Conduct regular security assessments, penetration testing, and security audits to identify and mitigate risks
• Collaborate with cross-functional teams to implement security solutions and respond to security incidents
• Stay up-to-date with the latest security trends, technologies, and industry regulations to continuously improve the company's security posture

What we're looking for

• Minimum 3 years of experience in a security engineering or similar role, preferably in the Information & Communication Technology industry
• Strong technical expertise in security technologies, including firewalls, VPNs, IDS/IPS, access control, and security monitoring tools
• Proficiency in programming and scripting languages, such as Python, Bash, or PowerShell, to automate security tasks
• Familiarity with security frameworks and best practices (e.g., NIST, ISO, OWASP)
• Excellent problem-solving, analytical, and critical thinking skills to identify and mitigate security threats
• Strong communication and collaboration skills to effectively work with cross-functional teams
• Relevant certifications (e.g., CISSP, OSCP, GIAC) are highly desirable

What we offer

At VSTECS (SINGAPORE) PTE. LTD.', we are committed to nurturing a collaborative and supportive work environment. We offer competitive salaries, comprehensive benefits, and opportunities for professional development to help you thrive in your career. Additionally, we prioritise the wellbeing of our employees and are open to discussing any adjustments or accommodations you may require during the recruitment process.

About us

VSTECS (SINGAPORE) PTE. LTD.' is a leading provider of information and communication technology solutions in the region. With a strong focus on innovation and customer satisfaction, we have established ourselves as a trusted partner for businesses of all sizes. Our mission is to empower our clients with cutting-edge technology and secure their digital assets, enabling them to stay ahead in a rapidly evolving digital landscape.

If you're excited about this opportunity and ready to join our team, apply now.

Role Overview

We are seeking a Security Engineer with 3+ years of hands-on experience in implementing and managing F5 and firewall solutions, with a strong understanding of the Azure cloud platform and security principles.

Key Responsibilities

Security Implementation & Management

• Deploy and maintain F5 systems with experience in LTM, WAF, API.
• Deploy and maintain Azure Cloud security, with experience in APIM gateways.
• Implement and maintain firewall management and security solutions.

Security Policy & Configuration

• Implement and enforce granular security policies on F5, firewall solutions, and Azure APIM gateways.
• Perform regular policy rule base reviews, cleanups, and optimizations to maintain a strong security posture and network performance.
• Integrate and configure F5, firewall, and security solutions to enforce application delivery and security policies.

Documentation & Collaboration

• Prepare and maintain diagrams, configurations, and standard operating procedures.
• Collaborate with cross-functional teams to ensure security policies align with business objectives.

Qualifications

• Experience: 3–5 years of hands-on experience in network security or engineering roles.
• Technical Skills:
• Hands-on experience with F5 BIG-IP platforms (LTM, WAF/ASM, API).
• Proven experience with Azure cloud security (NSG, APIM).
• Implementation knowledge of network firewall solutions (FTD, FMC).
• Strong understanding of network protocols (TCP/IP, DNS, HTTP/S).
• Knowledge of security principles (firewalls, IDS/IPS, VPNs).
• Familiarity with automation and cloud security is a plus.

Preferred Certifications

• Microsoft Certified: Azure Security Engineer Associate
• Cisco Certified Network Professional (CCNP Security)
• F5 Certified Administrator or F5 Certified Technology Specialist (CTS)
• Other relevant security certifications (CISSP, CompTIA Security+)

Job Types: Full-time, Contract

Contract length: 12 months

Pay: $5, $8,000.00 per month

Benefits:

• Health insurance

Work Location: In person

Hiring for Job Applicants Interested In Info-Comm, Telco, Digital Assets and Information from Security Technology Systems.

A Valid S'pore Class 3 Driver's License - Company Minivan & Mobile Phone Provided

Maintaining & Secure Access Control System / Industrial Alarm System / Senors and Networks Islandwide In Singapore

Based In Customer Sites From Time to Time and Conducting Patrols During Night Shift

Tel

Remarks

Work Schedule : 2 Day, 2 Night, 2 Off - OT Claims Exceeded Worked 16 Shifts Monthly

7:30 to 7: Hrs Shifts ) **

AWS + Variable & Performance Bonuses + Shift Allowance + Medical + Dental + Leave + Long Service + Team Building.

Job category 1

Technical/ Engineering/ Production

Job category 2

Information Technology/ Infocom

Job category 3

Job Nature

Permanent