We are partnering with a boutique consultancy that has been expanding its team progressively in the past few years. The ideal candidate will have hands-on experience in vulnerability assessment and penetration testing (VAPT), and a strong foundation in offensive security practices. This role requires a proactive individual who can assess, identify, and exploit security vulnerabilities across network and web environments, and provide actionable remediation recommendations to strengthen clients' security posture.

Key Responsibilities:

• Conduct network and web application vulnerability assessments and penetration tests (VAPT) to identify and validate security risks.
• ⁠Prepare detailed reports outlining findings, risks, and practical remediation strategies.
• Work closely with clients and internal teams to deliver effective security solutions.
• ⁠Stay updated with emerging security threats, exploits, and industry best practices.
• Support internal research and development to enhance service offerings.

Requirements:

• Must be a Singapore Citizen.
• Minimum 2 years of relevant hands-on security testing experiences.
• Certifications (at least one required): OSCP / OSCP+ / CRT
• Strong knowledge of network protocols, web application architecture, and common vulnerabilities (e.g., OWASP Top 10).
• Familiarity with industry-standard tools (e.g., Burp Suite, Metasploit, Nmap, Nessus, etc.).
• Strong analytical and problem-solving skills with attention to detail.
• Excellent communication and report-writing skills.

Good to Have:

• Additional offensive security certifications (e.g., OSWE, OSEP, CRTO, CRTL).
• ⁠Exposure to source code review, cloud penetration testing and mobile application testing.
• Experience working with government or regulated industry clients.

Why Join Us?

• Opportunity to work on challenging, real-world security engagements.
• Professional growth through advanced projects and certifications.
• Collaborative and knowledge-sharing environment.