4 Security Testing jobs in Singapore
Security Testing Specialist
Posted today
Job Viewed
Job Description
*WHO WE ARE: *
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.
Your Opportunity Starts Here.
Why Join
Protecting our customers' assets and data is at the heart of everything we do at OCBC. As a Security Testing Specialist, you'll play a critical role in safeguarding our systems and networks from cyber threats. You'll be part of a team that's shaping the future of cybersecurity in the financial industry.
How you succeed
To succeed in this role, you'll need to stay one step ahead of emerging threats. You'll work closely with our engineering teams to identify and mitigate risks, and develop strategies to protect our systems and data. You'll need to be proactive, collaborative, and always looking for ways to improve our cybersecurity posture.
What you do
- Perform application penetration testing on web-based applications, APIs
- Perform mobile application penetration testing across different mobile platforms
- Perform network penetration testing on systems.
- Exploit vulnerabilities to gain access and expand access to remote systems.
- Document and explain the technical details of the security issues identified during security assessments and recommend mitigation controls for remediation.
- Research cutting edge security topics and new attack vectors
- Conduct compliance testing on web-based application, mobile applications and thick/thin-client application that meet predetermined Technology Security Standards and other regulatory requirements such as MAS TRMG.
- Conduct secure code review when required
- Perform thick client penetration testing when required
Who you are
- Minimum 3 years of hands-on penetration testing experience for web applications, mobile applications, and APIs
- Experience conducting Secure Code Review
- Degree in computer science/computer engineering/information security or equivalent.
- A working knowledge of all aspects of information security is essential.
- Familiarity of MAS TRMG and other regulatory/industries requirements.
- Good communication (spoken and written) skills, able to work independently and as a team
- Certifications from either GIAC/Offensive Security/CREST required.
- Hands on experience in using Kali Linux, tools such as Burp, Tenable and other penetration testing, and secure code review tools
- Experience in conducting penetration testing for Banks in Singapore will be highly preferred
- Experience in conducting code review for AS400 and legacy mainframe systems will be an advantage
Who we are
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation.
But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.
What we offer
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Equal opportunity. Fair employment. Selection based on ability and fit with our culture and values. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
*What we offer: *
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
Risk Services - Cyber Security Testing Associate - 2026 Intake
Posted today
Job Viewed
Job Description
Overview
Risk Services - Cyber Security Testing Associate - 2026 Intake. At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at
Our Risk Services Team provides an invaluable safeguard in today’s complex operating environment with insights and independent assurance. We work with clients to deliver business control to help them protect and strengthen every aspect of their business from people to performance, systems to strategy, business plans to business resilience. We help clients manage, mitigate and control risks from potential cybersecurity breaches to possible breaks in the supply chain. We assess and prepare businesses by looking into their technology, finance, data analytics, regulatory requirements, data security and privacy, internal audit, and the third parties our clients rely on, to help clients deliver quality results and meet their strategic objectives. We work with our clients to build trust across their digital/technology-enabled businesses and address areas such as the loss or misuse of important data, failure to react to changes in the market, implementing and reviewing systems or business processes, while also verifying that third-party providers effectively manage and control current and future cybersecurity threats through rigorous penetration testing and red teaming exercises. In the Cybersecurity team, we help clients to achieve their business objectives by providing various services such as penetration testing, red teaming, source code review, etc.
Responsibilities- Penetration Testing – identify and exploit vulnerabilities to help clients secure assets and protect sensitive data, with hands-on experience and professional growth.
- Red Teaming – simulate adversary tactics to test organizational defenses, focusing on achieving objectives, conducting covert operations, and maintaining long-term access to compromised systems.
- Cybersecurity Assessment – assess clients’ security posture through host configuration reviews against industry benchmarks, source code reviews, architecture reviews, and cybersecurity risk assessment.
- Computer Science, Computer Engineering, and Information Technology students from reputable local and overseas universities
- Strong fundamental knowledge of information technology and cyber security
- Knowledge of security testing tools (e.g. Kali Linux, Covenant, Metasploit, nmap, Burp Suite, etc.)
- Willingness to develop professionally and contribute to a team
- Highly motivated, enthusiastic, confident, and creative with strong interpersonal and communication skills
- Critical thinking and problem solving
- Commitment to teamwork and excellence
- Knowledge of scripting languages (e.g. Bash, Python)
- Penetration testing certifications (e.g. CEH, CRT, OSCP) is an advantage
- Participation in CTF, disclosed information security flaws, CVE publications, or offensive security research is an advantage
- Available for work visa sponsorship: Yes
- Government clearance required: No
- Job Posting End Date: (not specified in description)
- Education: Degrees/Field of Study required and preferred not specified
- Experience level: Internship
- Employment type: Full-time
- Job function: Other
- Industry: Accounting
For questions, email
#J-18808-LjbffrPenetration Testing Security Specialist
Posted today
Job Viewed
Job Description
Job Description:
As a Cybersecurity Specialist, you will lead the execution of full-scope attacks on networks, applications, cloud, and operational technology (OT). Your primary objective is to bypass advanced defenses and deliver actionable remediation strategies.
Key Responsibilities:
1. Advanced Threat Emulation involves CAT1-cleared engagements, network breach segmented government networks, application exploitation, cloud attack AWS GovCloud/Azure Government environments, OT system penetration, and custom malware/exploit development.
Required Skills and Qualifications:
You must have expertise in C++ and Python programming languages for developing custom malware/exploits that can evade Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR) systems. Additionally, you should be familiar with Siemens and Rockwell automation systems.
Benefits:
This role offers a challenging environment where you can utilize your skills to make a significant impact in ensuring the security of Singapore government and critical infrastructure sectors.
Others:
In this position, you will work closely with our team to develop and execute comprehensive cybersecurity plans that safeguard against emerging threats.
Lead Engineer - Penetration Testing (Cyber Security Office)
Posted today
Job Viewed
Job Description
Overview
The Penetration Testing function will be responsible for planning and overseeing the delivery of testing and certification services, or designing and performing tests and check cases to determine if infrastructure components, systems and applications meet security standards for confidentiality, integrity, authentication, availability, authorisation and non-repudiation. The role translates requirements into test plans, writes and executes test scripts or code in line with standards and procedures to determine vulnerability from attacks. It certifies components and reports on testing outcomes, providing recommendations and managing stakeholder expectations while ensuring compliance with assessment and testing standards, processes and tools. The role may also develop the organisational security testing capability and support knowledge management.
Responsibilities
Operate a hands-on role involving penetration testing and vulnerability assessment of ICT systems (e.g., Web, Mobile, Thick Client, Network).
Plan and create penetration testing methods, scripts, and tests.
Carry out scoping activities to identify components requiring penetration testing.
Define test requirements and criteria for penetration testing.
Create reports and recommendations from findings, security issues and risk levels.
Advise on methods to fix or lower security risks to the Development Team.
Present findings, risks, and conclusions to stakeholders.
Automate penetration testing activities to save time and effort.
Mentor and train new joiners and junior resources on Penetration Testing activities.
Involve in security testing and tools procurement activities.
Contribute to Penetration Testing process improvement.
Requirements
5+ years of relevant experience including Penetration Testing on Web Applications, Mobile, Thick Client and Infrastructure applications.
Business risk awareness with strong reporting, writing, and client presentation skills. Consulting experience within a Professional Services organization.
Strong analytical skills and ability to work independently.
Responsible for delivery of project objectives; good sense of ownership.
Programming skills in at least one of: SAP, ABAP, .NET, Python, Ruby, Java or Regular expressions.
Experience in the healthcare industry is an advantage.
Must have OSCP or CREST-CRT certifications; additional certifications like OSCE or CISSP are a plus.
Good team player with excellent verbal and written communication skills.
#J-18808-Ljbffr
Be The First To Know
About the latest Security testing Jobs in Singapore !