Senior Vulnerability Analyst
7 days ago
Senior Vulnerability Analyst - The Vulnerability Management Lead role is responsible for overseeing Income Insurance enterprise vulnerability management program, driving continuous identification, assessment, and remediation of security weaknesses across internal and external IT infrastructure including but not limited to web and mobile applications. This includes leveraging both automated tools and manual techniques, and liaising with system and application owners for follow-up actions. Maintain proactive oversight to uphold Income Insurance's vulnerability management standards, strengthen organization cyber resilience and safeguard Income Insurance's technology environment. This role will come under the IT Risk and Security department, reporting to the Cyber Assurance Manager. Key Responsibilities Perform vulnerability scanning/discovery, tracking of remediation SLA, and follow up on closure. Manage private bug bounty and public vulnerability disclosure program by performing triaging and follow up on reports received. Coordinate penetration testing engagements with external vendors, ensuring scope, timelines, and deliverables are met. Conduct meetings to communicate the findings and implications to stakeholders. Validate remediation efforts through vulnerability fix verification to confirm effectiveness. Perform risk assessments and assess existing mitigative controls, recommend compensating controls when remediation is not possible. Support audit and ensure regulatory compliance (e.g., MAS TRM) by providing vulnerability evidence and remediation status. Analyze vulnerability management results and present technical data clearly to senior stakeholders, turning insights into actionable recommendations. Optimize vulnerability management lifecycle, improving identification, remediation, and follow-up processes. Collaborate with CTI to act on FINTEL threat intelligence and ensure timely remediation. Support in vendor evaluation prior to contract award Qualifications At least 4-5 years of experience in IT/Information Security, Vulnerability Management. Diploma/Degree in Computer Science, Cybersecurity, Information Security Management or related. Having CISSP, CISM, OSCP, GPEN, GWAPT certifications is an advantage. Competencies 4-5 years of hands‐on experience in vulnerability management and using VA tools (e.g. TenableOne, Qualys, Rapid7). Strong understanding and knowledge on industry standard scoring models such as CVSS, EPSS, exploitability and remediation strategies. Knowledge of common web and mobile security vulnerabilities in OWASP Top 10. Familiarity with penetration testing techniques and tools such as web application proxies (Burp Suite, OWASP ZAP), packet. capture analysis software, penetration testing Linux distributions (e.g. Kali Linux), static source code analyzers, API testing tools (e.g SoapUI, Postman), mobile application security frameworks (e.g. MobSF, Frida). Familiarity with application security testing approaches such as SAST, DAST, SCA. Experience with aligning with regulatory requirements (MAS, ISO 27001) and support audit readiness. Having Cloud security knowledge and AI LLM knowledge is a plus. Experience in support in vendor evaluation prior to contract award will be advantage Basic structured programming or scripting skills as C, Java, Python, Javascript, Powershell. #J-18808-Ljbffr
-
Assistant ManagerDeputy ManagerManager
2 weeks ago
Singapore Security Vulnerability Management Full timeYou will be responsible for overseeing the enterprise-wide vulnerability management lifecycle including identifying assessing prioritizing and driving the remediation of security vulnerabilities across systems applications and infrastructure to reduce cyber risk exposure. This role requires strong technical skills cross-functional coordination and experience...
-
Senior Vulnerability Analyst
2 weeks ago
Singapore Income Insurance Limited Full timeSenior Vulnerability Analyst (VAPT) – Income Insurance Limited Join to apply for the Senior Vulnerability Analyst (VAPT) role at Income Insurance Limited. Key Responsibilities Perform vulnerability scanning/discovery, track remediation SLAs, and follow up on closure. Manage private bug bounty and public vulnerability disclosure program by triaging reports...
-
Senior Threat
4 days ago
Singapore ALLEN & OVERY LLP Full time**It’s Time** Allen & Overy is a leading global law firm operating in over thirty countries. By turning our insight, technology and talent into ground-breaking solutions, we’ve earned a place at the forefront of our industry. Our lawyers are leaders in their field - and the same goes for our support teams. Ambitious, driven and open to fresh...
-
Senior Analyst, Vulnerability Management
13 hours ago
Singapore TikTok Full timeResponsibilities TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo. Why Join Us At TikTok, our people are humble, intelligent, compassionate and creative. We...
-
Vulnerability Analyst, IT Cybersecurity
2 weeks ago
Singapore SEARCH STAFFING SERVICES PTE. LTD. Full timeWe are currently working with a German MNC client; looking for a Vulnerability Analyst, IT with cybersecurity work experience to join them. **Vulnerability Analyst, IT **Responsibilities**: - As part of the vulnerability management team you will help to identify, prioritize, and track findings - Work closely with many different departments in order to...
-
Senior Vulnerability Analyst
7 days ago
Singapore INCOME INSURANCE LIMITED Full timeA leading insurance company based in Singapore is looking for a Senior Vulnerability Analyst to oversee its vulnerability management program. The ideal candidate will have 4-5 years of experience in IT security, proficient in vulnerability tools and methodologies. Duties include performing vulnerability scans, managing bug bounty programs, and coordinating...
-
Analyst, Vulnerability Management
13 hours ago
Singapore TikTok Full timeResponsibilities TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo. Why Join Us At TikTok, our people are humble, intelligent, compassionate and creative. We...
-
Senior Vulnerability Analyst
2 weeks ago
Singapore Income Insurance Limited Full time $60,000 - $120,000 per yearDescriptionKey ResponsibilitiesPerform vulnerability scanning/discovery, tracking of remediation SLA, and follow up on closure.Manage private bug bounty and public vulnerability disclosure program by performing triaging and follow up on reports received.Coordinate penetration testing engagements with external vendors, ensuring scope, timelines, and...
-
Vulnerability Ops Analyst — CI/CD Security
2 weeks ago
Singapore NTT Full timeA leading cybersecurity firm in Singapore is seeking a Mid-Level/Senior Vulnerability Management Operations Analyst to support cybersecurity assurance for a key financial organization. Responsibilities include managing the vulnerability lifecycle, running vulnerability tools, and developing automation scripts in Python. Candidates should have strong...
-
Vulnerability Analyst
1 week ago
Singapore Quess Corp Full timeVulnerability Analyst (Burpsuite / Metaspoilt)Raffles Place, Singapore | Posted on 10/03/2024Conductregular vulnerability scans and assessments on networks, applications, andsystems. Analyzescan results, prioritize vulnerabilities based on risk, and recommendremediation actions. Design,implement, and manage security measures for network infrastructures....
