Join us as we support Singapore’s vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering.
Do you want to play a critical role in securing our smart nation initiatives by uncovering weaknesses in various domains of cybersecurity programs even before the real threat actors come to play? And are you up to race against the real threat actors before organisations are compromised?
We are seeking a cybersecurity specialist in penetration testing & vulnerability assessment to join our Cyber Security Group’s Red Team. You will be part of the team that helps to protect our government’s assets from cyber-attacks. In addition, you will also have the opportunities to be involved in assessing the cybersecurity aspects of new developments in our smart nation initiatives, and demonstrate ability to quickly assimilate to knowledge in new technologies.
As part of this team, you will perform penetration testing and vulnerability assessment that span across infrastructure, web application, mobile application, source code security review, etc. This role will also involve you in carrying targeted Adversary Simulations.
What you will be working on:
- Support in the conduct of Penetration Testing (PT) and Vulnerability Assessment (VA) on IT assets
- Support in the conduct of Adversary Simulation (AS) on assets
- Support in the documentation of findings, analysis, report preparation and presentation
- Develop customised tools to conduct PT and AS
- Research in Penetration Testing and Adversary Simulation Techniques, Tactics and Procedures (TTPs)
- Familiar with security principles, policies and industry best practices
What we are looking for:
- Degree in Information Security , Computer Science/Engineering, IT, or equivalent
- Passionate in cybersecurity
- Good understanding of web application, system and infrastructure architecture
- Good communication & presentation skills
- Collaborative and team player, self-motivated, creative and versatile
- Penetration testing-specific certifications such as GPEN, CREST, OSCP is an advantage
- At least 2-year hands-on experience performing PT/VA
- Public disclosure of vulnerabilities or relevant awards/participations from Capture-The-Flags (CTF) competitions
- Experience using tools such as Nexpose/Nessus, BurpSuite, Metasploit, etc.
- Singapore citizen only