Cyber Security Researcher

2 weeks ago


Singapore WatchTowr Full time

**Hello, let us introduce ourselves**

We are watchTowr, an early-stage VC-backed cyber security startup headquartered in Singapore. We’ve recently raised US$2,250,000 in seed funding and we’re now looking to scale up rapidly in line with our traction.

Cyber security veterans and technical experts, we are obsessed with building exciting technology for some of the world’s most targeted organisations. By leveraging data, our aim is to empower organisations to keep up with the rapid rate of evolution across the cyber security industry, by providing continuous and real-time assurance in line with a frontline adversarial understanding of cyber security.

We are a young, high-energy and high-performing team that is devoted to building world-class technology in pursuit of realising our mission. We are in a high and aggressive growth phase of our journey, and are excited to continue adding colleagues to join our phorce of nature.

**But what’s the role?**

We are looking for offensive security experts to expand our watchTowr LABS team, and work with us to evolve our Continuous Attack Surface Testing technology. watchTowr LABS is our epicentre of offensive security expertise, and has been designed to operate like an APT group.

This is not consultancy work, project-based work, or engagements restricted by scope/time/budget. Enterprises rely on our technology and approach to look at their organisations holistically, and continuously, as if they were being continuously red team’d.

If something is exposed to the Internet - whether it’s SaaS, cloud, shadow IT, or the random marketing website everyone forgot about presents a weakness to their organisation - it’s our job to discover it, highlight it, and track it.

This is the opportunity to use your expertise to continuously find ways to break into some of the world and region’s largest brands, enterprises and businesses.

Our vision for offensive security is continuous.

**Sounds great - what will I do?**
- You will spend your days looking for vulnerabilities in numerous organisations - no scope, no time restrictions, no limitations.
- You will be focused on looking for the vulnerabilities that **matter** - high-impact weaknesses that would have a material impact on our clients. We don’t care about SSL ciphers, we care about Remote Code Execution.
- You’ll work with other offensive security experts to share ideas and brainstorm new tactics and techniques that we can use to demonstrate high-impact weaknesses in organisations.
- You’ll be performing cutting-edge offensive security research to build and test your own high-impact tactics and techniques. Our research has one goal - strengthen external attack surfaces.
- Your tactics and techniques will be deployed at scale to all of our clients, and implemented into our technology - our message is very clear, never do anything twice, let our technology provide the harness and continuous framework you need.
- You will be analysing the technical details of emerging weaknesses, and rapidly building proof-of-concepts to identify vulnerable assets (we helped our clients react to Log4J in 2 hours).
- If your dream is to speak at conferences and present your research to the world - we will support you to make it happen

**Sounds perfect to me, what specifics are you looking for?**

**Ideal Experience**

Ideally, you should have 3 or more years of experience, with:

- Involvement in red-team exercises with large enterprises.
- Have basic scripting skills in GoLang and/or Python.
- Hold industry-recognised qualifications, like CCSAS/CCT/CRT/OSCP.

**Bonus Experience**

It’ll also be awesome if you have:

- Lead red-team and adversarial simulation exercises.
- Performed cyber-security simulations with actions across the kill-chain.
- Have published your own research, whether it be in blogposts or at conferences.
- Have demonstrated your skills across bug-bounty programmes.

**Our Experience**

When you join us, you can expect (ok, we kinda expect this from you too):

- A highly motivated, experienced, offensive cyber team that obsesses over our shared mission.
- To be part of a team of outcome-focused problem-solvers.
- An environment of autonomy and creativity to support you to deliver the best work of your life.
- Finding vulnerabilities and breaking technologies in various cool and creative ways.
- A culture of continuous improvement in the form of learning and growth.

**What’s in it for me?**
- **Competitive compensation -** we believe that hard work, skills and ambition should be fairly compensated.
- **Meaningful role in a company** - You will be a key and early contributor to a fast-growing cyber security business that helps protect some of the world's largest enterprises.
- **The best tools and powerful kit -** we enable you with the tools to effectively fulfil your role.
- **Endless opportunities -** we are in a high-growth phase of our journey, and plan to promote from within as we scale.
- **



  • Singapore ENSIGN INFOSECURITY (CYBERSECURITY) PTE. LTD. Full time

    As a Cyber Security Researcher, you will be conducting research and development work to deliver comprehensive security assessment on cyber security technologies (e.g. network-based and host-based threat detection and protection systems). Specifically, successful applicants will: - Evaluate the effectiveness of cyber security products in protecting cyber...


  • Singapore CYBER RECRUITZ (PTE. LTD.) Full time

    We’re Hiring: Cyber Security Engineer Location: Onsite - Singapore Experience: 8-10 years Employment Type: Full-time ⸻ Role: Cyber Security Engineer Join the cybersecurity team under the Agency Chief Information Security Officer to manage and enforce security across IT infrastructure and digital transformation projects, in line with regulations and...


  • Singapore Datasearch Consulting Full time

    **Cyber Security Researcher** **Singapore** **Competitive Salary + Bonus** Datasearch is collaborating with a prominent threat and security management firm specialising in IoT and OT devices and networks to find a Cyber Security Researcher. The selected individual will be accountable for devising, implementing, and supervising cybersecurity solutions aimed...


  • Singapore Centre for Strategic Infocomm Technologies (CSIT) Full time

    Cyber Security Vulnerability Researcher (Network Devices)Join to apply for the Cyber Security Vulnerability Researcher (Network Devices)role at Centre for Strategic Infocomm Technologies (CSIT)Cyber Security Vulnerability Researcher (Network Devices)3 weeks ago Be among the first 25 applicants Join to apply for the Cyber Security Vulnerability Researcher...


  • Singapore MHA - Internal Security Department (ISD) Full time

    **What the role is** - ISD confronts and addresses threats to Singapore’s internal security and stability. For over 70 years, ISD and its predecessor organisations have played a central role in countering threats such as those posed by foreign subversive elements, spies, racial and religious extremists, and terrorists. A fulfilling and rewarding career...


  • Singapore Centre for Strategic Infocomm Technologies Full time

    Job Scope Investigate threats and assess the impact on systems and software Conduct research to gain in-depth understanding of the operating system architecture (kernel and subsystems) and how these subsystems could be exploited by malware Perform information security assessments through vulnerability research, code audit, black box testing, reverse...


  • Singapore Centre for Strategic Infocomm Technologies (CSIT) Full time

    Cyber Security Vulnerability Researcher (Web Applications)Join to apply for the Cyber Security Vulnerability Researcher (Web Applications)role at Centre for Strategic Infocomm Technologies (CSIT) . Get AI-powered advice on this job and more exclusive features. Conduct research and analysis to understand web application architectures, discovering...


  • Singapore SYNTHESIZE LABS PTE. LTD. Full time

    The successful applicant will be required to: - Be familiar with the latest mobile devices and the relevant operating system such as Android and iOS - Be able to independently perform research into potential bugs or security issues in these devices - Be able to reverse engineer malware samples for mobile devices and understand their techniques, tactics and...


  • Singapore beBeeCybersecurity Full time

    Job Description:">">The team conducts research on advanced threat actors and techniques, developing tools for the next generation of Windows enterprise servers and endpoint protection.">Members will research various cyber domains and produce different types of tools, adapting to changes in the cyber landscape.">">Responsibilities:">">Research and develop...


  • Singapore Centre for Strategic Infocomm Technologies (CSIT) Full time

    Cyber Security Vulnerability Researcher (Web Applications)Join to apply for the Cyber Security Vulnerability Researcher (Web Applications) role at Centre for Strategic Infocomm Technologies (CSIT).Get AI-powered advice on this job and more exclusive features.Conduct research and analysis to understand web application architectures, discovering implementation...