Key Words: Penetration Testing, Vulnerability assessment, Code Review, ISO/IEC, Common Criteria, Web Security, Network Security, Mobile Security, Embedded Software Security, Wireless testing, Remediation, Security Assessments, Cyber Security Assurance, Compliance
Role: Security Tester
Industry: Security, Information Technology
About Our Client
- Our client has a globally diverse environment with a presence across different regions. They have testing and R&D labs all over Europe and the US, including the Singapore office.
- The client’s mission is to make the world safer, more secure, and sustainable; this has been in their business model for over 100 years since they were founded and is deeply rooted in everything they do.
- They offer services such as testing, validate/verify, certify, and advise on the clients’ functional security and non-functional cybersecurity of their products, systems, and ecosystems.
About the Security Tester
*We are looking at this at different experience/seniority levels due to the growth of the team.
- Conduct penetration testing on different domains such as devices, semiconductor products, web and mobile products, embedded and hardware products, wireless products, software, cloud-based software, and smart device applications in accordance with the products' industry standard.
- These products and systems are in different industries such as: . critical infrastructure, building automation, lighting, safety, digital, large commercial appliances, smart home, automotive, manufacturing, smart card/payments, etc.
- Perform secure code review as per best practices.
- Use a variety of penetration testing or threat modelling tools including open source and commercial tools.
- Create detailed technical reports of security tests aligned to customer and certification scheme requirements.
- Clearly articulate risk to the business in a clear and concise manner that can be understood both by technical and business audience.
- Provide consultancy to remediate security gaps.
- Develop sophisticated, state-of-the-art attacks with tools and scripts by maintaining a high level of expertise in the latest attack methods against embedded products.
- Support the Sales and Project Management team on evaluation scoping, resource requirements, certification body and customer expectations.
- Maintain/improve technical knowledge by attending educational workshops, reviewing professional publications, obtaining applicable certifications, and participating in professional societies and cross-departmental task forces.
- Contribute to internal work processes by improving tools to evaluate efficiency, report writing and technical training.
Please note: Interested Applicants must be able to work in Singapore.
- Degree in Computer Security, Computer Science, or other equivalent discipline
- Hands-on penetration testing experience on different systems and technology devices.
- Experience in secure code reviews is a plus.
- Knowledge and experience in using a variety of penetration testing or threat modelling tools including open source and commercial.
- Relevant security certifications are a plus. (OSCP, GPEN, CISSP)
- Knowledge/experience of VAPT in accordance with ISO/IEC standards.
- Experiencing in executing security assessments and penetration tests to highlight and clearly articulate risk to the business in terms they understand.
- Create detailed technical reports of security tests in line with customer and certification scheme requirements.
- Proven consultancy experience to remediate security gaps.
If you are interested to learn more about the above job role or any other job opportunities, please apply to this job advertisement or alternatively contact the following consultant:
SearchElect Pte. Ltd. adheres to the Singapore Ministry of Manpower Tripartite guidelines on Non-Discriminatory Job Advertisements which you can find more information about HERE. If you feel any part of this job advertisement is discriminatory please immediately raise to our attention via firstname.lastname@example.org. We take these matters seriously and thank you for your cooperation.