Senior Engineer (Vulnerability and Pentester) 'Singaporeans Only' [Job Code 2009295P]
Due to expansion of our client's business, we continue to look for suitable candidates to work at our client's office. Write to us if you are an individual who has experience in the activities listed below, and is keen to take up new challenges!
- Perform application and infrastructure penetration tests for customers
- Conducting application security assessments and penetration tests (web, mobile, web service, etc.). Assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing and/or code review tools i.e. Burp Suite Professional, HP Fortify or Checkmarx
- Writing a formal security assessment report for each application, using our company’s standard reporting format
- Participating in conference calls or on client’s site with potential client to scope out newly requested security projects and estimate the amount of time required to complete the project and current clients to review assessment results and consult with the clients on remediation options
- Retesting security vulnerabilities and republishing reports to indicate the retesting results
- Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)
- Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
- Report and present on findings
- Degree in Computer Engineering, Computer Science, Information Systems, Digital Forensics or equivalent qualifications
- Minimum 2 years’ of relevant work experience in IT security implementation and operations
- Possessed OSCP or attained CREST
- Experience with various security tools and products (Fortify, AppScan, Nessus etc)
- Several years of experience developing web and/or mobile applications, preferably hard-core financial, e-commerce, or business applications that face the Internet required
- Knowledge of the HTTP protocol and how it works
- Experience performing application security testing using manual techniques plus runtime vulnerability testing tools and/or code review tools
- Experience with network/infrastructure-level penetration testing (preferred)
- Understanding of cryptography principles
- Good interpersonal skills and a team player
- Strong presentation and writing skills
- Only Singapore citizens need to apply
Please send your cv to
- [Click Here to Email Your Resume]
- in word document;
- listing your personal particulars, education qualification and work experience;
- listing your current and expected salary details.
As we are hiring this position urgently, we do look forward to hearing from you VERY SOON!
Only shortlisted candidates will be notified.
EA Licence No: 18C9353
EA Personnel Registration No: R2094750
HR Exchange Pte. Ltd. (EA Licence No: 18C9353)