Open to Singapore Citizens Only
Penetration Test and Vulnerability Assessment Expert - Cyber Protection Group
What You Will Do
• Conduct comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications.
• Develop tailored security assessment tools and scripts to enhance testing capabilities and address evolving threat vectors.
• Document findings, conduct analysis, and prepare detailed technical reports, including executive summaries for various stakeholders.
• Collaborate with security engineers, developers, and other stakeholders to provide actionable guidance on remediating identified security risks and vulnerabilities.
• Provide expertise in the design and implementation of security controls across applications, infrastructure, and network systems.
• Develop and deliver specialized training and awareness programs to elevate the cybersecurity capabilities of the SAF personnel, with opportunities for growth in leadership and knowledge-sharing in the military cybersecurity context.
• Maintain up-to-date knowledge of emerging threats, security best practices, and industry-standard frameworks.
What You Will Bring
• Education in Information Security, Computer Science, IT, or a related field.
• Minimum of 1 year of hands-on experience in conducting PT and VA, with a strong preference for experience in military or government-focused penetration testing
• Industry-recognized certifications such as CREST CRT, GPEN, or OSCP
• Strong understanding of web application, infrastructure, and network security architecture.
• Excellent communication and presentation skills, with a focus on conveying complex security findings to both technical and non-technical stakeholders.
• Demonstrated ability to work independently and collaboratively within cross-functional teams.
• Highly analytical, self-driven, and committed to continuous learning and skill enhancement.
Good to Have
• Proficiency in scripting languages, such as Python, PowerShell, JavaScript, VBScript, Ruby, or Perl.
• Track record of identifying and disclosing vulnerabilities or recognition in Capture-The-Flag (CTF) competitions.
• Proficiency with tools such as BurpSuite, Metasploit, Nexpose, Nessus, and other industry-standard penetration testing and vulnerability assessment tools.
• Experience conducting security assessments on application infrastructure, networks, and cloud-based systems.
Join us in shaping the future of defence technology. Apply today!
