514 Vulnerability Assessment jobs in Singapore
Manager (Penetration Test & Vulnerability Assessment)
Posted today
Job Viewed
Job Description
MINDEF
Permanent
Closing on 21 Sep 2025
What the role is
You will play a pivotal role in safeguarding Singapore's defence and security interests by conducting comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications.
What you will be working on
- Conduct comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications
- Develop tailored security assessment tools and scripts to enhance testing capabilities and address evolving threat vectors
- Document findings, conduct analysis, and prepare detailed technical reports, including executive summaries for various stakeholders
- Collaborate with security engineers, developers, and other stakeholders to provide actionable guidance on remediating identified security risks and vulnerabilities
- Provide expertise in the design and implementation of security controls across applications, infrastructure, and network systems
- Develop and deliver specialised training and awareness programs to elevate the cybersecurity capabilities of the SAF personnel, with opportunities for growth in leadership and knowledge-sharing in the military cybersecurity context
- Maintain up-to-date knowledge of emerging threats, security best practices, and industry-standard frameworks
Challenge(s) - Maintaining consistent quality under time pressure
- Quickly learning and troubleshooting various tools and platforms
What we are looking for
- Education in Information Security, Computer Science, IT or a related field
- Industry-recognised certifications such as CREST CRT, GPEN, or OSCP
- At least 1 year of hands-on experience in conducting PT and VA, with a strong preference for experience in military or government-focused penetration testing
- Experience conducting security assessments on application infrastructure, networks, and cloud-based systems
- Strong understanding of web application, infrastructure, and network security architecture
- Excellent communication and presentation skills, with a focus on conveying complex security findings to both technical and non-technical stakeholders
- Ability to work independently and collaboratively within cross-functional teams
- Highly analytical, self-driven, and committed to continuous learning and skill enhancement
- Proficiency in scripting languages, such as Python, PowerShell, JavaScript, VBScript, Ruby, or Perl
- Track record of identifying and disclosing vulnerabilities or recognition in Capture-The-Flag (CTF) competitions
- Proficiency with tools such as BurpSuite, Metasploit, Nexpose, Nessus, and other industry-standard penetration testing and vulnerability assessment tools
Appointment will be commensurate with your experience.
Only shortlisted candidates will be notified.
About MINDEF
The mission of MINDEF and the Singapore Armed Forces is to enhance Singapore's peace and security through deterrence and diplomacy, and should these fail, to secure a swift and decisive victory over the aggressor.
The Defence Executive Officer (DXO) scheme is the non-uniformed career scheme of MINDEF that offers myriad opportunities in various job functions, such as corporate communications, cyber security, data analytics and visualisation, defence policy, finance, HR, psychology, and more. Embodying the same level of commitment towards defence, DXOs work together with their military counterparts to contribute to MINDEF/SAF's mission and ensure Singapore's security and stability. United by this common cause, our lines of defence complement each other to secure the prosperity and progress of our nation.
About your application process
This job is closing on 21 Sep 2025.
If you do not hear from us within 4 weeks of the job ad closing date, we seek your understanding that it is likely that we are not moving forward with your application for this role. We thank you for your interest and would like to assure you that this does not affect your other job applications with the Public Service. We encourage you to explore and for other roles within MINDEF or the wider Public Service.
Information Security
Posted today
Job Viewed
Job Description
Job Objectives
The Security Governance Specialist role will support the Head of Security Governance in enhancing and maintaining the Security Governance within the Group Information Security(GIS) function in the Bank.
Key Responsibilities
This position will support senior Security Governance team members and work closely with various business, risk and technology stakeholders to:
Proactively assess the compliance exposure to current and emerging security-related regulatory requirements and plan & track remediation efforts.
Manage reverse third-party due diligence engagements related to GIS.
Manage audit, assurance and regulatory engagements related to GIS including ongoing knowledge management on queries and request for information.
Track and report against the technology KORI(Key Operational Risk Indicators)/KRIs and required security metrics.
Execution of the GIS KRCSA (Key Risk and Control Self Assessments).
Management policy, procedures and standards updates and control.
Manage various GIS initiatives and duties as assigned.
Key Requirements
Communicate effectively with a variety of internal and external teams and stakeholders.
Capable of managing a variety of priorities and deliverables with minimal guidance or supervision.
Ability to respond to any requests and issues on a timely basis.
Education
Diploma/Degree in engineering/Computer Science / IT/Cyber Security from a recognized education institution.
Professional Technology Risk Management/Cybersecurity related qualification will be favorable although not mandatory.
Knowledge of industry best practices.
Technical Skills
Overall experience 5+ years of experience.
2+ years of relevant experience in Security/IT governance disciplines.
Have a strong security risk and analytical mindset in approaching situations and interactions with stakeholders.
Effective negotiating skills and demonstrated sensitivity to working and interacting with stakeholders.
Good knowledge of Security concepts and practices.
Good knowledge of Security related guidelines and advisories from regulators.
Good with numbers for use in metrics.
Soft Skills
Good written and verbal communication skills and expertise in setting and managing stakeholder expectations.
Process aware mindset.
Strong analytical and problem-solving skills.
Effective time management and organizational skills.
Strong team player.
Able to work independently with minimal supervision.
High degree of attention to detail and discipline on tracking and managing the closure of identified gaps and issues.
Willing to learn quickly.
Information Security
Posted today
Job Viewed
Job Description
Internship
Summary
Provide better appreciation and experiential learning in Cybersecurity defence in terms of concepts, architecture, technologies, tools, and operations.
Job Description
Responsibilities:
Application Security
Research web and mobile application security best practices
Research into the latest IAM technologies and propose enhancements to existing SIA infrastructure
Assist in tracking and resolving penetration test and threat modelling findings
Perform internal security testing using Burp Suite and Kali Linux, etc.
Security Compliance
Work closely with various IT teams to identify, assess and manage information security risks
Assist to coordinate with application and various IT teams on various compliance controls.
Perform proactive threat analysis from network traffic, user and security logs, and other relevant security data to hunt for potential adversary activity.
MAS Technology Risk Management Guidelines
-Assist to collect and compile security related statistics, assess the information and prepare management reports.
- Assist in conducting regular phishing campaigns and compile the results for analysis.
Risk Management
- Assess and enforce the security controls of IT projects
Projects
Assist in the Cyber and Information Security project requirement gathering, procurement and implementations.
Assist the project manager and liaise with vendor
Provide internal support during the implementation
Requirements:
Pursuing a degree with specialization in Information Security
Interest in cyber security
Good trouble-shooting and analytical skills
Independent and resourceful
Good interpersonal skills
Information Security
Posted today
Job Viewed
Job Description
Summary
Provide better appreciation and experiential learning in Cybersecurity defence in terms of concepts, architecture, technologies, tools, and operations.
Job Description
Responsibilities:
Application Security
- Research web and mobile application security best practices
- Research into the latest IAM technologies and propose enhancements to existing SIA infrastructure
- Assist in tracking and resolving penetration test and threat modelling findings
- Perform internal security testing using Burp Suite and Kali Linux, etc.
Security Compliance
- Work closely with various IT teams to identify, assess and manage information security risks
- Assist to coordinate with application and various IT teams on various compliance controls.
- Perform proactive threat analysis from network traffic, user and security logs, and other relevant security data to hunt for potential adversary activity.
MAS Technology Risk Management Guidelines
- Assist to collect and compile security related statistics, assess the information and prepare management reports.
- Assist in conducting regular phishing campaigns and compile the results for analysis.
Risk Management
- Assess and enforce the security controls of IT projects
Projects
- Assist in the Cyber and Information Security project requirement gathering, procurement and implementations.
- Assist the project manager and liaise with vendor
- Provide internal support during the implementation
Requirements
- Pursuing a degree with specialization in Information Security
- Interest in cyber security
- Good trouble-shooting and analytical skills
- Independent and resourceful
- Good interpersonal skills
Information Security Manager
Posted 2 days ago
Job Viewed
Job Description
Overview
Primary Objectives of Position
Manage security operation to ensure the safe use of IT systems and assets as well as protect against cybersecurity threats.
Manage various stages of projects in conception and initiation, planning, execution, performance/ monitoring, and project closure.
Responsibilities- Establish, implement and maintain a sustainable information security framework that effectively addresses evolving and diverse cybersecurity threats.
- Perform risk assessments on Information, Operational and Assistive Technologies for vulnerabilities and implement security controls to reduce identified risks to an acceptable level.
- Monitor security alerts/ logs from IT systems, network and applications against baselines and gather publicly available information to identify precursors or indicators of cybersecurity attacks.
- Contain and eradicate cybersecurity incident effectively to prevent recurrence and restore systems and recover normal operations as quickly as possible.
- Hold lessons learned meetings to help improve security measures and incident handling process.
- Publish security advisories, conduct security workshops and share lessons learned to improve users’ awareness regarding cybersecurity matters.
- Perform information security audits to determine security violations and inefficiencies and recommend effective security controls.
- Oversee information security investigations with internal team, funders and local authorities and/ or 3rd party providers.
- Participate in various meetings and share compliance/ performance reports and audit findings to Management teams.
- Undertake information security related projects.
The above activities are no means exhaustive and are subjected to amendment whenever is needed
Job Specifications Minimum Education / Qualifications- Degree in Information systems or equivalent
- 2 or more years’ experiences in setting up and managing information security operations.
- Familiar with ISO27001 ISMS, NIST and/ or CIS frameworks.
- Experiences in incident handling and understanding in digital forensic investigation, tools and processes.
- Experiences in security protections, practices or solutions like Firewall, IDS/ IPS, DLP, WAF, NAC, WiFi security, encryption, patch management, etc.
- CISA, CISM, CISSP and/ or PMP certifications will be an advantage.
- Knowledgeable in Microsoft Office and other Windows and web applications.
- Meticulous and hands on.
- Excellent communication and written skills.
- Strong analytical and problem-solving skills.
- Team player with excellent interpersonal skills and multi-tasker.
- Customer-centric and proactive
Information Security Manager
Posted 2 days ago
Job Viewed
Job Description
Overview
Primary Objectives of Position
Manage security operation to ensure the safe use of IT systems and assets as well as protect against cybersecurity threats.
Manage various stages of projects in conception and initiation, planning, execution, performance/ monitoring, and project closure.
Responsibilities- Establish, implement and maintain a sustainable information security framework that effectively addresses evolving and diverse cybersecurity threats.
- Perform risk assessments on Information, Operational and Assistive Technologies for vulnerabilities and implement security controls to reduce identified risks to an acceptable level.
- Monitor security alerts/ logs from IT systems, network and applications against baselines and gather publicly available information to identify precursors or indicators of cybersecurity attacks.
- Contain and eradicate cybersecurity incident effectively to prevent recurrence and restore systems and recover normal operations as quickly as possible.
- Hold lessons learned meetings to help improve security measures and incident handling process.
- Publish security advisories, conduct security workshops and share lessons learned to improve users’ awareness regarding cybersecurity matters.
- Perform information security audits to determine security violations and inefficiencies and recommend effective security controls.
- Oversee information security investigations with internal team, funders and local authorities and/ or 3rd party providers.
- Participate in various meetings and share compliance/ performance reports and audit findings to Management teams.
- Undertake information security related projects.
The above activities are no means exhaustive and are subjected to amendment whenever is needed
Job Specifications Minimum Education / Qualifications- Degree in Information systems or equivalent
- 2 or more years’ experiences in setting up and managing information security operations.
- Familiar with ISO27001 ISMS, NIST and/ or CIS frameworks.
- Experiences in incident handling and understanding in digital forensic investigation, tools and processes.
- Experiences in security protections, practices or solutions like Firewall, IDS/ IPS, DLP, WAF, NAC, WiFi security, encryption, patch management, etc.
- CISA, CISM, CISSP and/ or PMP certifications will be an advantage.
- Knowledgeable in Microsoft Office and other Windows and web applications.
- Meticulous and hands on.
- Excellent communication and written skills.
- Strong analytical and problem-solving skills.
- Team player with excellent interpersonal skills and multi-tasker.
- Customer-centric and proactive
Information Security Auditor
Posted 12 days ago
Job Viewed
Job Description
Job Nature
The Information Security Auditor will be responsible for assessing, monitoring, and ensuring the organization’s compliance with international security standards (ISO 27001), cybersecurity frameworks, and data protection regulations. The role involves planning and conducting internal/external audits, identifying risks and vulnerabilities, and recommending corrective actions. The auditor will work closely with IT, compliance, and business teams to strengthen the organization’s security posture and support certification/recertification processes.
Key Responsibilities- Audit & Compliance - Plan, conduct, and report on internal information security audits aligned with ISO 27001 and other frameworks. Support external audits and certification processes by liaising with auditors and regulatory bodies. Ensure compliance with data protection laws (e.g., GDPR, PDPA where applicable).
- Risk & Controls Assessment - Evaluate existing security controls, policies, and procedures for effectiveness. Identify risks, vulnerabilities, and gaps in cybersecurity and data protection practices. Recommend improvements and track corrective/preventive actions (CAPA).
- Documentation & Reporting - Develop and maintain audit checklists, reports, and compliance documentation. Provide management with clear audit findings and risk assessments. Maintain evidence logs for ISO 27001 controls and compliance purposes.
- Stakeholder Engagement - Collaborate with IT, HR, Legal, and Business units to ensure alignment with security policies. Conduct awareness sessions to promote compliance culture. Advise leadership on security risks, trends, and mitigation strategies.
- Continuous Improvement - Monitor changes in international standards and regulatory requirements. Drive continuous improvement of Information Security Management Systems (ISMS). Benchmark practices against industry best standards (e.g., NIST, CIS Controls).
Education & Certifications
- Diploma or Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.
- ISO/IEC 27001 Lead Auditor / Lead Implementer certification (preferred).
- Additional certifications are an advantage: CISA, CISM, CISSP, GDPR Practitioner, CEH.
Experience
- 3–7 years of experience in information security, IT audit, or compliance. Personnel with no expereince are welcome to apply.
- Proven track record in conducting ISO 27001 audits (internal or external will be an advantage).
- Experience with data protection regulations (PDPA, GDPR etc.)
- Hands-on knowledge of cybersecurity practices, risk assessment, and incident response.
Skills
- Strong understanding of ISMS principles, risk management, and compliance frameworks.
- Ability to analyze technical controls (network, cloud, applications) from a compliance perspective.
- Excellent report writing and presentation skills.
- Strong communication, stakeholder management, and problem-solving skills.
- Ability to work independently and manage multiple audits/projects simultaneously.
Be The First To Know
About the latest Vulnerability assessment Jobs in Singapore !
Information Security Engineer
Posted 17 days ago
Job Viewed
Job Description
KEY RESPONSIBILITIES
Carry out the end-to-end security management for enterprise of application security, host security, data security, network security, including but not limited to security policy management and system maintenance.
Responsible for the Governance, Risk and Compliance technical implementation of personal information protection requirements.
Project management, plan and coordinate security tools implementation throughout the overseas region. Providing periodic reporting of progress and issues.
Conduct and perform periodic security awareness training and phishing campaigns.
Responsible for the break-down and implementation of the development work in the baseline specification and technical architecture.
Provide day-to-day IT support to all employees, including troubleshooting hardware, software, network, and system issues.
Manage and maintain IT infrastructure, including servers, network devices, computers, printers, and security systems.
KEY REQUIREMENTS
The ideal candidates we are looking for should be seasoned Information Security Professionals with:
Bachelor’s degree or above in Computer Science.
At least 3 years working experience in network or information security related fields.
Familiar with ISO27001, ITIL related technical standards and control measures.
Familiar with common information security products and technical principles, e.g. system and network security, DLP, antivirus, encryption, SIEM, Zero Trust etc.
Security certification such as CISSP, CISA, CCNP, CCIE is preferred.
Information Security Associate
Posted 18 days ago
Job Viewed
Job Description
#J-18808-Ljbffr
Information Security Engineer
Posted 21 days ago
Job Viewed
Job Description
Join to apply for the Information Security Engineer role at Manpower Singapore
2 days ago Be among the first 25 applicants
Join to apply for the Information Security Engineer role at Manpower Singapore
Information Security Engineer, Vulnerability Management and Operation
We are seeking an exceptional Security Engineer to support our vulnerability management program. This is a technical, operation-oriented, and hands-on role in a dynamic and fast-paced environment.
You'll work with various applications and systems to manage vulnerabilities, follow up with different teams, drive remediation, and improve current processes.
Description- You will join a team that stays up to date on emerging security vulnerabilities and threats, maintains composure in crises, and advocates for improving product and service security.
- You need a good technical background and a strong interest in network, system, and web security.
- The role requires excellent communication skills to collaborate effectively with diverse teams. Responsibilities include:
- Working cross-functionally to identify and assess vulnerabilities, guiding teams through the remediation lifecycle with a focus on timely resolution and outcome-driven communication.
- Using programming to analyze large data dumps related to systems and applications to extract key information for vulnerability impact analysis.
- BSc in Computer Science, Information Technology, Information Security, or related field
- At least 3 years of experience in information security or related field
- Self-starter with flexibility to work remotely and support a global team
- Ability to manage multiple activities concurrently
- Passionate about data security
- Experience with vulnerability scanning tools like Tenable, Qualys, etc.
- Familiarity with common security vulnerabilities and their severity assessment
- Ability to analyze vulnerabilities and provide remediation guidance
- Independent in supporting and driving vulnerability remediation
- Continuous improvement mindset and automation skills
- Ability to run proof of concept for known vulnerabilities
- Understanding of IPv4 and IPv6 networks
- Proficiency in programming languages such as Python, Go, Rust, or Bash scripting
- Excellent critical thinking skills
- Problem-solving skills related to logic and algorithms
- Experience with SQL and Linux
- Experience with penetration testing
- Knowledge of the security research community
Note: Your response to this advertisement and communications will constitute informed consent for the collection, use, and disclosure of personal data by ManpowerGroup Singapore, in accordance with the Personal Data Protection Act 2012. For more information, visit ManpowerGroup's Privacy Policy .
#J-18808-Ljbffr