538 Security Testing jobs in Singapore
Security Testing Specialist
Posted today
Job Viewed
Job Description
*WHO WE ARE: *
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.
Your Opportunity Starts Here.
Why Join
Protecting our customers' assets and data is at the heart of everything we do at OCBC. As a Security Testing Specialist, you'll play a critical role in safeguarding our systems and networks from cyber threats. You'll be part of a team that's shaping the future of cybersecurity in the financial industry.
How you succeed
To succeed in this role, you'll need to stay one step ahead of emerging threats. You'll work closely with our engineering teams to identify and mitigate risks, and develop strategies to protect our systems and data. You'll need to be proactive, collaborative, and always looking for ways to improve our cybersecurity posture.
What you do
- Perform application penetration testing on web-based applications, APIs
- Perform mobile application penetration testing across different mobile platforms
- Perform network penetration testing on systems.
- Exploit vulnerabilities to gain access and expand access to remote systems.
- Document and explain the technical details of the security issues identified during security assessments and recommend mitigation controls for remediation.
- Research cutting edge security topics and new attack vectors
- Conduct compliance testing on web-based application, mobile applications and thick/thin-client application that meet predetermined Technology Security Standards and other regulatory requirements such as MAS TRMG.
- Conduct secure code review when required
- Perform thick client penetration testing when required
Who you are
- Minimum 3 years of hands-on penetration testing experience for web applications, mobile applications, and APIs
- Experience conducting Secure Code Review
- Degree in computer science/computer engineering/information security or equivalent.
- A working knowledge of all aspects of information security is essential.
- Familiarity of MAS TRMG and other regulatory/industries requirements.
- Good communication (spoken and written) skills, able to work independently and as a team
- Certifications from either GIAC/Offensive Security/CREST required.
- Hands on experience in using Kali Linux, tools such as Burp, Tenable and other penetration testing, and secure code review tools
- Experience in conducting penetration testing for Banks in Singapore will be highly preferred
- Experience in conducting code review for AS400 and legacy mainframe systems will be an advantage
Who we are
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation.
But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.
What we offer
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Equal opportunity. Fair employment. Selection based on ability and fit with our culture and values. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
*What we offer: *
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
Risk Services - Cyber Security Testing Associate - 2026 Intake
Posted today
Job Viewed
Job Description
Overview
Risk Services - Cyber Security Testing Associate - 2026 Intake. At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at
Our Risk Services Team provides an invaluable safeguard in today’s complex operating environment with insights and independent assurance. We work with clients to deliver business control to help them protect and strengthen every aspect of their business from people to performance, systems to strategy, business plans to business resilience. We help clients manage, mitigate and control risks from potential cybersecurity breaches to possible breaks in the supply chain. We assess and prepare businesses by looking into their technology, finance, data analytics, regulatory requirements, data security and privacy, internal audit, and the third parties our clients rely on, to help clients deliver quality results and meet their strategic objectives. We work with our clients to build trust across their digital/technology-enabled businesses and address areas such as the loss or misuse of important data, failure to react to changes in the market, implementing and reviewing systems or business processes, while also verifying that third-party providers effectively manage and control current and future cybersecurity threats through rigorous penetration testing and red teaming exercises. In the Cybersecurity team, we help clients to achieve their business objectives by providing various services such as penetration testing, red teaming, source code review, etc.
Responsibilities
Penetration Testing – identify and exploit vulnerabilities to help clients secure assets and protect sensitive data, with hands-on experience and professional growth.
Red Teaming – simulate adversary tactics to test organizational defenses, focusing on achieving objectives, conducting covert operations, and maintaining long-term access to compromised systems.
Cybersecurity Assessment – assess clients’ security posture through host configuration reviews against industry benchmarks, source code reviews, architecture reviews, and cybersecurity risk assessment.
Qualifications
Computer Science, Computer Engineering, and Information Technology students from reputable local and overseas universities
Strong fundamental knowledge of information technology and cyber security
Knowledge of security testing tools (e.g. Kali Linux, Covenant, Metasploit, nmap, Burp Suite, etc.)
Willingness to develop professionally and contribute to a team
Highly motivated, enthusiastic, confident, and creative with strong interpersonal and communication skills
Critical thinking and problem solving
Commitment to teamwork and excellence
Knowledge of scripting languages (e.g. Bash, Python)
Penetration testing certifications (e.g. CEH, CRT, OSCP) is an advantage
Participation in CTF, disclosed information security flaws, CVE publications, or offensive security research is an advantage
Additional Information
Available for work visa sponsorship: Yes
Government clearance required: No
Job Posting End Date: (not specified in description)
Education: Degrees/Field of Study required and preferred not specified
Experience level: Internship
Employment type: Full-time
Job function: Other
Industry: Accounting
For questions, email
#J-18808-Ljbffr
Lead Engineer - Penetration Testing (Cyber Security Office)
Posted today
Job Viewed
Job Description
Position Overview
The
Penetration Testing function
will be responsible for planning and overseeing the delivery of testing and certification services, or designing and performing tests and check cases to determine if infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorisation and non-repudiation standards. He/she translates requirements into test plans, writes and executes test scripts or codes in line with standards and procedures to determine vulnerability from attacks. He/she certifies infrastructure components, systems and applications that meet security standards. Where required, he/she will report on testing outcomes and activities, provide recommendations and manages stakeholder expectations, and ensure compliance with assessment and testing standards, processes and tools. He/She will also help to develop the organisational security testing capability and support knowledge management.
Role & Responsibilities
Operate a hands-on role involving Penetration testing and Vulnerability assessment of the ICT systems (i.e. Web, Mobile, Thick Client, Network).
Plan and create penetration testing methods, scripts, and tests.
Carry out scoping activities to identify what components of a given system require penetration testing
Define test requirements and criteria to carry out the Penetration Testing.
Create reports and recommendations from findings, security issues and level of Risk.
Advise on methods to fix or lower security risks to Development Team.
Present findings, Risks, and conclusions to stakeholders.
Automate penetration testing activities to save time and effort.
Be a mentor and carry out training sessions to new joiners and junior resources on Penetration Testing activities.
Involves on the Security Testing and other Tools procurement activities.
Work on the Penetration Testing Process improvement areas.
Requirements
5+ years of relevant experience including Penetration Testing on (Web Application, Mobile, Thick Client and Infrastructure applications)
Business risk along with good reporting writing and client presentation skills. Consulting experience within a Professional Services organization.
Strong analytical skills and ability to work independently.
Have a strong sense of responsibility towards delivery of project objectives
Equipped with programming skills in at least one of following programming language/environment such as SAP, ABAP, .NET, Python, Ruby, JAVA or Regular expression.
Experience in healthcare industry will be an added advantage.
Must have the OSCP or CREST-CRT Certifications.Any other Certifications like OSCE, CISSP would be advantage.
Would be a good team player.
Excellent verbal and written communication skills.
NOTE: It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!
#J-18808-Ljbffr
Security engineer
Posted today
Job Viewed
Job Description
- Deploy and maintain F5 systems with expertise in LTM, WAF, and API modules.
- Implement and manage Azure Cloud security, including APIM gateways.
- Configure, implement, and maintain network security solutions, focusing on Cisco FTD, FMC, and firewalls.
- Develop, implement, and enforce granular security policies across F5, firewalls, and APIM gateways.
- Conduct periodic policy rule base reviews, cleanups, and optimizations to strengthen security posture and network performance.
- Integrate and configure F5 solutions to support application delivery and enforce security rules.
- Prepare detailed documentation, including network diagrams, configurations, and standard operating procedures (SOPs).
- Collaborate with cross-functional teams to align security policies with business objectives.
Security Engineer
Posted today
Job Viewed
Job Description
5+ Years of Experience is required
Relevant certifications in identity and access management (such as CISSP, CISM, CISA, CGEIT, or vendor-specific certifications) would be advantageous.
Professional audit certifications such as CIA (Certified Internal Auditor) or CISA (Certified Information Systems Auditor) would be highly beneficial.
Experience with automation tools and scripting to improve operational efficiency would be beneficial.
Knowledge of Singapore Government security standards and compliance frameworks would be an added advantage.
Familiarity with GRC (Governance, Risk, and Compliance) platforms and audit management systems would be preferred.
Technical Experience
Proven experience in Identity and Access Management, with particular expertise in user access reviews and privileged access management systems such as CyberArk.
Hands-on experience with enterprise identity management platforms and access governance tools.
Strong understanding of identity governance principles, including role-based access control (RBAC), segregation of duties, and principle of least privilege.
Experience with identity management lifecycle processes including provisioning, de-provisioning, and access certification.
IAM Audit and Assessment Skills
Demonstrated experience in conducting IAM audits and access assessments across complex enterprise environments.
Proficiency in audit methodologies and frameworks specific to identity and access management, including COBIT, COSO, and ITIL.
Strong analytical skills with ability to identify patterns, anomalies, and potential security risks through data analysis and system reviews.
Experience with audit tools and technologies for automated access analysis, reporting, and compliance monitoring.
Knowledge of forensic analysis techniques for investigating access-related security incidents and policy violations.
Ability to develop and execute comprehensive audit programmes covering all aspects of identity lifecycle management.
Process Management Skills
Demonstrated ability to manage complex, multi-stakeholder processes with high attention to detail and accuracy.
Experience in coordinating with diverse stakeholder groups to achieve compliance and operational objectives within tight timeframes.
Strong project management skills with ability to handle multiple concurrent initiatives whilst maintaining quality standards.
Experience in process documentation, improvement, and standardisation activities.
Compliance and Risk Management
Knowledge of regulatory compliance requirements related to access management and data protection, including GDPR, SOX, and industry-specific regulations.
Understanding of risk assessment methodologies and ability to identify and mitigate identity-related security risks.
Experience supporting audit activities and maintaining comprehensive audit trails for access management activities.
Knowledge of compliance frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, and COBIT.
Documentation and Reporting
Strong technical writing skills with ability to produce clear, comprehensive audit reports and compliance documentation.
Experience in creating executive-level reporting and dashboards for IAM metrics and compliance status.
Ability to translate complex technical findings into business impact assessments and actionable recommendations.
Proficiency in data visualisation tools and techniques for presenting audit findings and compliance metrics.
Communication and Stakeholder Management
Excellent interpersonal and communication skills with ability to work effectively with stakeholders at all organisational levels.
Strong problem-solving abilities with experience in exception handling and issue resolution.
Ability to translate technical concepts into business language for non-technical stakeholders.
Experience in managing audit relationships and coordinating with external auditors and regulatory bodies.
Security Engineer
Posted today
Job Viewed
Job Description
What you'll be doing
- Design, deploy, and configure CyberArk solutions to protect our critical systems and data
- Manage and maintain the CyberArk platform, including user accounts, policies, and privileged access controls
- Perform security audits and risk assessments to identify and mitigate potential vulnerabilities
- Collaborate with cross-functional teams to integrate CyberArk into our existing security infrastructure
- Provide training and support to users on CyberArk best practices and policies
- Stay up to date with the latest CyberArk developments and industry security trends
- Continuously optimise and enhance our CyberArk implementation to ensure maximum effectiveness
What we're looking for
- Minimum 1 year of experience as a Security Engineer or similar role, with a strong focus on CyberArk implementation and administration
- Proficient in designing, deploying, and managing CyberArk solutions, including PVWA, PAS, PSM, and CPM
- Excellent understanding of security best practices, privileged access management, and identity and access management concepts
- Experience in integrating CyberArk with other security tools and applications
- Strong problem-solving and analytical skills, with the ability to identify and resolve complex security issues
- Good communication skills to effectively collaborate with cross-functional teams and provide training to end-users
- Relevant certifications, such as CyberArk Certified Implementation Engineer (CCIE) or CyberArk Certified Security Expert (CCSE), are preferred
Interested candidates who wish to apply for the advertised position, please email us an updated copy of your resume.
Email Address:
EA License No.: 13C6305
Reg No: R HIEW CHAI SYIN)
For candidate who applied for the advertised position is deemed to have consented to us that we may collect, use or disclose your personal information for purpose in connection with the services provided by us.
Security Engineer
Posted today
Job Viewed
Job Description
Security Engineer
Location: West Singapore
Industry: Security Systems / Facilities Management
Employment Type: Full-time | Permanent
About the Role
As a Security Engineer, you will be responsible for responding to intrusion alarm system activations, performing maintenance servicing, and commissioning alarm systems. The role also includes attending to customer requests on alarm and card access systems, and conducting night patrols. This position requires working on 12-hour rotating shifts.
Key Responsibilities
- Respond to intrusion alarm system activations.
- Perform maintenance servicing and commissioning of alarm systems.
- Handle customer requests for alarm and card access systems.
- Conduct regular patrols during night shifts.
- Ensure all work is performed in compliance with security and safety standards.
Requirements
- Higher Nitec or above.
- 1–2 years of working experience preferred.
- Enhanced Basic Security certification will be an added advantage.
- High energy with good interpersonal and communication skills.
- Valid Class 3 driving license with clean record.
Salary & Benefits
- Based on 16 shifts per month (12-hour rotating shifts).
- Monthly gross salary with progression based on qualifications.
- Performance incentive.
- Annual Wage Supplement (AWS) – 1 month.
- Variable bonus (subject to company performance).
- Overtime opportunities.
- Insurance, medical coverage, and salary increment.
Why Join
- Competitive salary with allowances and incentives.
- Clear salary progression based on qualifications.
- Exposure to a wide portfolio of security systems and operations.
- Career development opportunities in the security industry.
Apply now with your updated CV to be considered for this opportunity.
Job Types: Full-time, Permanent
Pay: $2, $3,200.00 per month
Benefits:
- Additional leave
- Professional development
Work Location: In person
Be The First To Know
About the latest Security testing Jobs in Singapore !
Security Engineer
Posted today
Job Viewed
Job Description
About the role
As a Security Engineer at VSTECS (SINGAPORE) PTE. LTD.', you will play a crucial role in safeguarding the company's information assets and digital infrastructure. In this full-time position based in the Lavender area of the Central Region, you will be responsible for designing, implementing, and maintaining robust security solutions to protect the organisation from cyber threats.
What you'll be doing
- Analyse and assess the company's security posture, identifying vulnerabilities and implementing appropriate countermeasures
- Design, configure, and manage security systems, including firewalls, intrusion detection/prevention systems, and access control mechanisms
- Develop and maintain security policies, standards, and procedures to ensure compliance with industry regulations and best practices
- Conduct regular security assessments, penetration testing, and security audits to identify and mitigate risks
- Collaborate with cross-functional teams to implement security solutions and respond to security incidents
- Stay up-to-date with the latest security trends, technologies, and industry regulations to continuously improve the company's security posture
What we're looking for
- Minimum 3 years of experience in a security engineering or similar role, preferably in the Information & Communication Technology industry
- Strong technical expertise in security technologies, including firewalls, VPNs, IDS/IPS, access control, and security monitoring tools
- Proficiency in programming and scripting languages, such as Python, Bash, or PowerShell, to automate security tasks
- Familiarity with security frameworks and best practices (e.g., NIST, ISO, OWASP)
- Excellent problem-solving, analytical, and critical thinking skills to identify and mitigate security threats
- Strong communication and collaboration skills to effectively work with cross-functional teams
- Relevant certifications (e.g., CISSP, OSCP, GIAC) are highly desirable
What we offer
At VSTECS (SINGAPORE) PTE. LTD.', we are committed to nurturing a collaborative and supportive work environment. We offer competitive salaries, comprehensive benefits, and opportunities for professional development to help you thrive in your career. Additionally, we prioritise the wellbeing of our employees and are open to discussing any adjustments or accommodations you may require during the recruitment process.
About us
VSTECS (SINGAPORE) PTE. LTD.' is a leading provider of information and communication technology solutions in the region. With a strong focus on innovation and customer satisfaction, we have established ourselves as a trusted partner for businesses of all sizes. Our mission is to empower our clients with cutting-edge technology and secure their digital assets, enabling them to stay ahead in a rapidly evolving digital landscape.
If you're excited about this opportunity and ready to join our team, apply now.
Security Engineer
Posted today
Job Viewed
Job Description
Role Overview
We are seeking a Security Engineer with 3+ years of hands-on experience in implementing and managing F5 and firewall solutions, with a strong understanding of the Azure cloud platform and security principles.
Key Responsibilities
Security Implementation & Management
- Deploy and maintain F5 systems with experience in LTM, WAF, API.
- Deploy and maintain Azure Cloud security, with experience in APIM gateways.
- Implement and maintain firewall management and security solutions.
Security Policy & Configuration
- Implement and enforce granular security policies on F5, firewall solutions, and Azure APIM gateways.
- Perform regular policy rule base reviews, cleanups, and optimizations to maintain a strong security posture and network performance.
- Integrate and configure F5, firewall, and security solutions to enforce application delivery and security policies.
Documentation & Collaboration
- Prepare and maintain diagrams, configurations, and standard operating procedures.
- Collaborate with cross-functional teams to ensure security policies align with business objectives.
Qualifications
- Experience: 3–5 years of hands-on experience in network security or engineering roles.
- Technical Skills:
- Hands-on experience with F5 BIG-IP platforms (LTM, WAF/ASM, API).
- Proven experience with Azure cloud security (NSG, APIM).
- Implementation knowledge of network firewall solutions (FTD, FMC).
- Strong understanding of network protocols (TCP/IP, DNS, HTTP/S).
- Knowledge of security principles (firewalls, IDS/IPS, VPNs).
- Familiarity with automation and cloud security is a plus.
Preferred Certifications
- Microsoft Certified: Azure Security Engineer Associate
- Cisco Certified Network Professional (CCNP Security)
- F5 Certified Administrator or F5 Certified Technology Specialist (CTS)
- Other relevant security certifications (CISSP, CompTIA Security+)
Job Types: Full-time, Contract
Contract length: 12 months
Pay: $5, $8,000.00 per month
Benefits:
- Health insurance
Work Location: In person
Security Engineer
Posted today
Job Viewed
Job Description
Hiring for Job Applicants Interested In Info-Comm, Telco, Digital Assets and Information from Security Technology Systems.
A Valid S'pore Class 3 Driver's License - Company Minivan & Mobile Phone Provided
Maintaining & Secure Access Control System / Industrial Alarm System / Senors and Networks Islandwide In Singapore
Based In Customer Sites From Time to Time and Conducting Patrols During Night Shift
Tel
Remarks
Work Schedule : 2 Day, 2 Night, 2 Off - OT Claims Exceeded Worked 16 Shifts Monthly
7:30 to 7: Hrs Shifts ) **
AWS + Variable & Performance Bonuses + Shift Allowance + Medical + Dental + Leave + Long Service + Team Building.
Job category 1
Technical/ Engineering/ Production
Job category 2
Information Technology/ Infocom
Job category 3
Job Nature
Permanent