152 Senior Penetration Testers jobs in Singapore

Are you ready to unleash your potential?

At Deloitte, our purpose is to make an impact that matters for our clients, our people, and the communities we serve.

We believe we have a responsibility to be a force for good, and WorldImpact is our portfolio of initiatives focused on making a tangible impact on society’s biggest challenges and creating a better future. We strive to advise clients on how to deliver purpose-led growth and embed more equitable, inclusive as well as sustainable business practices.

Hence, we seek talented individuals driven to excel and innovate, working together to achieve our shared goals.

We are committed to creating positive work experiences that foster a culture of respect and inclusion, where diverse perspectives are celebrated, and everyone is recognized for their contributions.

Ready to unleash your potential with us? Join the winning team now!

What you will do

Penetration Testers at Deloitte identifies and mitigates cyber risks by assessing systems, networks, and applications for vulnerabilities. They simulate real-world attacks, document findings, and provide security improvement recommendations. Staying updated on cybersecurity trends, they collaborate with other professionals to develop comprehensive security strategies.

You will

• Conduct comprehensive security assessments on systems, networks, and applications.
• Simulate cyberattacks to identify and evaluate system vulnerabilities.
• Perform various security testing activities, including Software/Web Application/Web Services penetration testing; Network Penetration Testing; Mobile Application Penetration Testing; Thick Client Penetration Testing
• Develop, document, and execute penetration testing methodologies aligned with industry standards.
• Prepare detailed technical reports summarizing findings, risk ratings, and remediation recommendations.
• Recommend and support the implementation of security policy improvements based on assessment results.
• Stay abreast of the latest penetration testing tools, exploits, and techniques.
• Provide security awareness training and guidance to internal teams.
• Collaborate closely with IT and development teams to enhance overall system security posture.

Your role as a leader

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves every day to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. Additionally, Senior Consultants across our Firm are expected to:

• Actively seek out developmental opportunities for growth, act as strong brand ambassadors for the firm as well as share their knowledge and experience with others.
• Understand the goals of our internal and external stakeholder to set personal priorities as well as align their teams’ work to achieve the objectives.
• Constantly challenge themselves, collaborate with others to deliver on tasks and take accountability for the results.
• Build productive relationships and communicate effectively in order to positively influence teams and other stakeholders.
• Project integrity and confidence while motivating others through team collaboration as well as recognising individual strengths, differences, and contributions.

Enough about us, let's talk about you.

• A good bachelor’s degree in Computer science, Cyber Security, Information Technology, or relevant field.
• Minimum of 5 years of experience in cybersecurity, with hands-on involvement in penetration testing or security assessment activities.
• Proficiency in using both automated tools and manual testing techniques.
• Strong understanding of common vulnerabilities, exploits, and attack methodologies.
• Possession of relevant certifications such as OSCP or CREST CRT is highly preferable.
• Excellent problem-solving and analytical skills.
• Ability to work effectively under pressure and deliver results within tight timelines.
• Strong self-management skills, with the ability to prioritize multiple tasks independently.

Due to volume of applications, we regret that only shortlisted candidates will be notified.

Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information. Kindly apply for roles that you are interested in via this official Deloitte website.

MINDEF

Permanent

Closing on 21 Sep 2025

What the role is

You will play a pivotal role in safeguarding Singapore's defence and security interests by conducting comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications.

What you will be working on

• Conduct comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications
• Develop tailored security assessment tools and scripts to enhance testing capabilities and address evolving threat vectors
• Document findings, conduct analysis, and prepare detailed technical reports, including executive summaries for various stakeholders
• Collaborate with security engineers, developers, and other stakeholders to provide actionable guidance on remediating identified security risks and vulnerabilities
• Provide expertise in the design and implementation of security controls across applications, infrastructure, and network systems
• Develop and deliver specialised training and awareness programs to elevate the cybersecurity capabilities of the SAF personnel, with opportunities for growth in leadership and knowledge-sharing in the military cybersecurity context
• Maintain up-to-date knowledge of emerging threats, security best practices, and industry-standard frameworks
  Challenge(s)
• Maintaining consistent quality under time pressure
• Quickly learning and troubleshooting various tools and platforms

What we are looking for

• Education in Information Security, Computer Science, IT or a related field
• Industry-recognised certifications such as CREST CRT, GPEN, or OSCP
• At least 1 year of hands-on experience in conducting PT and VA, with a strong preference for experience in military or government-focused penetration testing
• Experience conducting security assessments on application infrastructure, networks, and cloud-based systems
• Strong understanding of web application, infrastructure, and network security architecture
• Excellent communication and presentation skills, with a focus on conveying complex security findings to both technical and non-technical stakeholders
• Ability to work independently and collaboratively within cross-functional teams
• Highly analytical, self-driven, and committed to continuous learning and skill enhancement
• Proficiency in scripting languages, such as Python, PowerShell, JavaScript, VBScript, Ruby, or Perl
• Track record of identifying and disclosing vulnerabilities or recognition in Capture-The-Flag (CTF) competitions
• Proficiency with tools such as BurpSuite, Metasploit, Nexpose, Nessus, and other industry-standard penetration testing and vulnerability assessment tools
  Appointment will be commensurate with your experience.
  Only shortlisted candidates will be notified.

About MINDEF

The mission of MINDEF and the Singapore Armed Forces is to enhance Singapore's peace and security through deterrence and diplomacy, and should these fail, to secure a swift and decisive victory over the aggressor.
The Defence Executive Officer (DXO) scheme is the non-uniformed career scheme of MINDEF that offers myriad opportunities in various job functions, such as corporate communications, cyber security, data analytics and visualisation, defence policy, finance, HR, psychology, and more. Embodying the same level of commitment towards defence, DXOs work together with their military counterparts to contribute to MINDEF/SAF's mission and ensure Singapore's security and stability. United by this common cause, our lines of defence complement each other to secure the prosperity and progress of our nation.

About your application process

This job is closing on 21 Sep 2025.

If you do not hear from us within 4 weeks of the job ad closing date, we seek your understanding that it is likely that we are not moving forward with your application for this role. We thank you for your interest and would like to assure you that this does not affect your other job applications with the Public Service. We encourage you to explore and for other roles within MINDEF or the wider Public Service.

Akkodis, is a global leader in the engineering and R&D market that is leveraging the power of connected data to accelerate innovation and digital transformation. With a shared passion for technology and talent, 50,000 engineers and digital experts deliver deep cross-sector expertise in 30 countries across North America, EMEA and APAC. Akkodis offers broad industry experience, and strong know-how in key technology sectors such as mobility, software & technology services, robotics, testing, simulations, data security, AI & data analytics. Akkodis is part of the Adecco Group. Akkodis is a commercial brand under which both AKKA and Modis entities operate.

As a Security Analyst with Akkodis, you will play a critical role in helping the client defend against sophisticated automated threats targeting their web platforms. You'll be responsible for analyzing large volumes of web traffic, identifying patterns and anomalies, and collaborating with multiple stakeholders to implement effective mitigation strategies.

This role requires a strong analytical mindset, excellent communication skills, and a passion for cybersecurity. You'll act as a trusted advisor to clients, providing actionable insights and supporting them through incident response and ongoing threat management.

Key Responsibilities

• Analyze web traffic data to detect and isolate advanced bot behaviors and automated attack patterns.
• Investigate anomalies and provide detailed, evidence-based reports to clients.
• Collaborate with clients to understand the business impact of automated threats and develop tailored mitigation strategies.
• Respond to incidents in accordance with premium service-level agreements (SLAs).
• Conduct regular client meetings to present findings, share insights, and guide strategic decisions.
• Work closely with internal research, data science, and product teams to deliver intelligence that informs product enhancements.
• Refine detection mechanisms by analyzing false positives and improving accuracy.
• Create clear and compelling data visualizations to validate findings and demonstrate impact.
• Maintain deep expertise in bot mitigation techniques and evolving threat landscapes.
• Take ownership of client issues and contribute to a collaborative team environment.

Qualifications & Skills

• Strong interest in cybersecurity and emerging threat trends.
• Excellent problem-solving skills and attention to detail.
• Effective communicator with the ability to engage both technical and non-technical stakeholders.
• Experience with SQL and data visualization tools (e.g., Tableau, Looker).
• Familiarity with scripting languages such as Python, Bash, or Go.
• Solid understanding of HTTP protocols and web infrastructure.
• Ability to work independently and as part of a cross-functional team.
• Bachelor's degree in IT, Computer Science, Engineering, Mathematics, or equivalent experience.

Preferred Qualifications

• Multilingual proficiency (e.g., Spanish or French) is a plus.

ALTEN Group is a world leader in Engineering and Technology consulting services providing outsourced Engineering, R&D, and IT Services for different industries such as Transportation, Defence, Energy and Security with 55,000 engineers in nearly 35 countries. ANOTECH is the subsidiary of the Group delivering ALTEN's Engineering Services in Singapore.

As a Security Analyst, you will be analyzing large amounts of traffic to websites to find correlations and patterns. Based on the conclusions drawn from the analysis, the analyst collaborates with the customer and with internal teams to implement mitigation strategies to stop automated website attacks.

Responsibilities:

· Monitor internal queue and provide incident response in line with the respective premium SLA

· Analyze false positives for detection mechanisms to hone the product

· Spend time analyzing web traffic data to identify and isolate new advanced bot behaviors

· Work with customers to fully understand the issues automated attacks cause to their business and devise strategies to mitigate or eliminate the issues

· Have regular calls with customers to discuss findings and analysis

· Work with the organisation's internal research, data science, and product teams by delivering actionable intelligence that will inform future product enhancements

· Use data visualization tools to create consumable reports to quickly validate findings and demonstrate the efficacy of actions taken

· Be a trusted advisor, take ownership of all problems you encounter, and be a team player

Requirements:

· Minimum of 5 years relevant experience

· Bachelor's degree in IT/Mathematics/Engineering/Computer or equivalent demonstrated success

· Highly advantageous if you are fluent in Spanish or French language

· Proficient SQL skills

· Experience with data visualization tools like Tableau or Looker

· Experience in one or more languages such as Python, Bash, or Go

· HTTP network knowledge and can describe in some detail how websites are delivered to browsers

· Your customer facing skills are polished and you know not to guess when in doubt

· You have an interest in security/technology and keep up with the latest trends and news

· You love solving difficult problems and finding the needle in the haystack

· You have meticulous communication skills and are confident in your ability to have regular technical and non-technical calls

· You are a leader and can work independently as well as tightly with a team

Job Type: Permanent

Pay: $6, $9,000.00 per month

Benefits:

• Health insurance

Experience:

• Security Analysis: 5 years (Required)
• SQL/HTTP and data visualisation tools: 5 years (Required)
• Go/Bash/Python language and scripting: 5 years (Required)

Work Location: In person

Company Description

Hunto AI is dedicated to protecting organizations from external cyber threats through comprehensive discovery, monitoring, and enforcement. Our solutions are designed to ensure the highest level of security, providing robust defenses to safeguard our clients' valuable data. With a focus on proactive threat management and continuous monitoring, Hunto AI is at the forefront of cybersecurity innovation.

Role Description

This is a full-time remote role for a Security Analyst. The Security Analyst will be responsible for monitoring and analyzing security threats, identifying vulnerabilities, and implementing security measures to protect against cyber attacks. Day-to-day tasks include conducting malware analysis, application security assessments, and network security reviews. The role also involves developing and enforcing security policies and procedures to ensure compliance with industry standards.

Qualifications

• Proficiency in Cybersecurity and Network Security
• Strong Application Security and Malware Analysis skills
• Excellent Analytical Skills
• Experience with security monitoring tools and techniques
• Ability to work independently and remotely
• Bachelor's degree in Cybersecurity, Information Technology, or related field
• Relevant certifications such as CISSP, CISM, or CEH are a plus

Job Description

We are looking for a motivated Security Analyst to join our team. The candidate will be responsible for ensuring the security, stability, and compliance of our IT infrastructure, cloud platforms, and applications. You will work closely with our operations and development teams to identify security risks, implement preventive measures, and respond to incidents.

Key Responsibilities:

• Monitor infrastructure, applications, and networks using security tools (e.g., Prometheus, ELK, Cloudflare, AWS GuardDuty).

• Perform vulnerability assessments, patch management, and system hardening.

• Implement and manage cloud security controls across AWS, Alibaba Cloud, and on-premise environments.

• Coordinate and support incident response activities, including investigation, mitigation, and reporting.

• Develop and maintain security baselines, policies, and best practices.

• Conduct log analysis, intrusion detection, and threat monitoring.

• Work with DevOps teams to integrate security into CI/CD pipelines (DevSecOps).

• Prepare documentation, reports, and recommendations for management and regulatory compliance.

⸻

Requirements:

• Degree/Diploma in Information Security, Computer Science, or related field.

• At least 3–5 years of experience in IT security, systems administration, or cloud infrastructure.

• Hands-on experience with security tools such as Prometheus, ELK/ELK Stack, SIEM platforms, IDS/IPS, and firewalls.

• Knowledge of cloud environments (AWS, Alibaba Cloud, Azure, or GCP) and container platforms (Docker, Kubernetes).

• Familiarity with security frameworks and standards (ISO27001, NIST, OWASP, Zero Trust).

• Strong troubleshooting and analytical skills.

• Relevant certifications (CISSP, CISM, CEH, CompTIA Security+, AWS Security Specialty) will be an advantage.

• Good communication skills and ability to work with cross-functional teams.

Our client is one of the leader in the banking industry, they are seeking for a junior secruity analyst to join the team.

Location: Changi Biz Park

Contract: 12 month

Salary up to $5000

• Automating Security Tasks: You'll be designing and implementing automation for routine cybersecurity activities—like threat detection, incident response, or system monitoring—so the defense team can work faster and focus on higher-priority issues.
• Data Analysis & Use Case Development: You'll analyze logs and security data from multiple sources, identify patterns, and develop automation use cases to proactively detect or mitigate threats.
• Cross-Functional Collaboration: You'll work with other teams (IT, application, network, and business teams) to find vulnerabilities and implement solutions, ensuring security is integrated across the organization.
• Technical Guidance: You'll act as a go-to expert for cybersecurity matters, advising teams and helping the organization strengthen its overall security posture.
• Continuous Learning & Innovation: You'll stay updated on the latest threats, tools, and industry practices, and implement innovative solutions to keep the organization ahead of potential risks.

PERSOLKELLY Singapore Pte Ltd
• RCB No E EA License No. 01C4394
• EA Registration No. R Ling Kai Jin)

By sending us your personal data and CV, you are deemed to consent to PERSOLKELLY Singapore Pte Ltd and its affiliates to collect, use and disclose your personal data for account creation in GO and the purposes set out in the Privacy Policy You acknowledge that you have read, understood, and agree with GO's Terms of Use the Privacy Policy. If you wish to withdraw your consent, please email us at Please feel free to contact us if you have any queries.

We are looking for a Security Analyst to join a dedicated team protecting critical digital assets around the clock.

In this role, you will:

• Monitor, detect, and respond to cybersecurity events and incidents
• Investigate potential threats, troubleshoot network or system issues, and ensure timely incident resolution
• Publish advisories, alerts, and threat intelligence to stakeholders
• Participate in cyber exercises and simulate incident scenarios to strengthen defenses

This is a rotating shift role including weekends and public holidays, with competitive pay, shift allowances, and overtime opportunities .

Role Overview

Our client, a leading global commodities brokerage and financial services firm, is seeking an IAM Operations Analyst to support and manage identity lifecycle processes, authentication, authorization, and access control across a full stack of business applications. The role will work closely with IT, security, and infrastructure teams to ensure secure and compliant access management.

Key Responsibilities

• Design and implement IAM frameworks aligned with security best practices and business needs

• Manage user provisioning, deprovisioning, and role-based access control across multiple systems

• Ensure compliance with regulations (e.g., GDPR, SOX) and internal security policies

• Maintain documentation of user access policies and audit logs for reporting purposes

• Conduct role-based access control (RBAC) reviews to minimize excessive or inappropriate permissions

• Collaborate with IT, security, and business stakeholders to align IAM initiatives with organizational goals

• Lead investigations into access-related incidents and recommend remediation measures

• Promote security awareness and train staff on access policies and procedures

• Oversee IAM team activities, including performance appraisals and ensuring SLAs are met

• Monitor and manage Jira queues to ensure timely resolution of requests

Requirements

• Strong knowledge of IAM tools (e.g., Okta, SailPoint, CyberArk, Azure AD) and technologies such as SSO, MFA, and RBAC

• Solid understanding of security principles such as least privilege, identity governance, and privileged access management

• Familiarity with compliance frameworks and regulations such as GDPR, SOX, HIPAA, ISO 27001

• Strong problem-solving, analytical, and communication skills with the ability to work across technical and non-technical teams

• Experience conducting audits, producing reports, and ensuring IAM systems comply with legal and regulatory standards

• Ability to respond effectively to access-related incidents and manage IAM operations in high-pressure situations

• Experience working in regulated industries such as financial services

• Proven ability to engage stakeholders and present IAM risks and performance to senior leadership

Yang Lily, Recruit Avenue Pte. Ltd.

EA License Number: 23C1935 | EA Personnel Number: R

commodities