Perform application penetration testing on web-based application and thick-client application.
Perform mobile application penetration testing across different mobile platforms
Perform network penetration testing on systems.
Exploit vulnerabilities to gain access and expand access to remote systems.
Document technical issues and recommend mitigation controls identified during security assessments.
Research cutting edge security topics and new attack vendors
Conduct compliance testing on web-based application, mobile applications and thick/thin-client application that meet predetermined Technology Security Standards and other regulatory requirements such as MAS TRMG.
Conduct secure code review
Minimum 2 years of hands-on penetration testing experience for web applications, thick/thin clients and mobile applications
Experience conducting Secure Code Review
Degree in computer degree/computer engineering/information security or equivalent.
A working knowledge of all aspects of information security is essential.
Familiarity of MAS TRMG, PCI-DSS and other regulatory/industries requirements.
Good communication (spoken and written) skills, able to work independently and as a team
Certifications from either GIAC/Offensive Security/CREST required.
Hands on experience in using Kali Linux, tools such as Burp, Nessus and other penetration testing and secure code review tools
Experience in conducting penetration testing for Banks in Singapore will be highly preferred
Experience in conducting code review for AS400 and legacy mainframe systems will be an advantage