Job Description:

• Perform application penetration testing on web based application and thick-client application
• Perform mobile application penetration testing across different mobile platforms
• Perform network penetration testing on systems
• Exploit vulnerabilities to gain access, and expand access to remote systems
• Document technical issues and recommend mitigation controls identified during security assessments
• Research cutting edge security topics and new attack vendors
• Conduct compliance testing on web based application, mobile applications and thick/thin-client application that meet predetermined Technology Security Standards and other regulatory requirements such as MAS TRMG
• Conduct secure code review and design review of application

Requirements:

• Minimum 3 years of hands on penetration testing experience for web applications, thick/thin clients and mobile applications
• Experience conducting Secure Code Review/Design Review
• Degree in computer degree/computer engineering/information security or equivalent
• A working knowledge of all aspects of information security is essential
• Familiarity of MAS TRMG, PCI-DSS and other regulatory/industries requirements
• Good communication (spoken and written) skills, able to work independently and as a team
• Certified Ethical Hacker, GWAPT, GMOB, CCT-Web preferred
• Hands on experience in using tools such as Burp, Nessus, Nexpose, Web Inspect, Fortify and other penetration testing and secure code review tools
• Experience in conducting penetration testing for Banks in Singapore will be highly preferred
• Experience in conducting penetration testing for AS400 and legacy mainframe systems will be an advantage