Senior Cyber Security Testing Specialist

**Senior Cyber Security Testing Specialist**:
**Date**:16 Apr 2025

**Location**: Singapore, Singapore

**Company**:Singtel Group

**Be a Part of Something BIG**

**Make An Impact By**
- Coordinate and Oversee Penetration Testing & Vulnerability Assessment Engagements:

- Manage and coordinate penetration testing and vulnerability assessment engagements with external vendors, ensuring effective communication and collaboration between internal stakeholders and vendors.
- Work closely with Domain security champions to review and tailor the scope, rules of engagement, testing methodologies, and reporting for external penetration tests and vulnerability assessments.
- Collaborate with cross-functional teams to provide guidance on Singtel's security standards, recommend best practices, and advise on effective remediation strategies.
- Review penetration testing reports, prioritize identified vulnerabilities, and coordinate efforts to address them in a timely manner.
- Track and report on the progress and outcomes of penetration testing and vulnerability assessments, ensuring that all findings are addressed appropriately.
- Maintenance of tools and Conduct Various Penetration Tests:

- Maintain and configure the tests required of automated testing tools to support black box and white box testing, and ensure alignment with latest industry test requirements e.g. OWASP, covering all forms of technologies e.g. Cloud Apps, On-prem Apps, COTS products, In-house developed Apps, AI models, APIs, OS, DB, VM, Network devices, etc.
- Identify gaps in automated testing tools and propose new tooling required to augment testing program as needed
- Bug Bounty Program Management:

- Oversee and manage the bug bounty program and associated platforms for identifying and addressing reported vulnerabilities.
- Validate/ triage the reported vulnerabilities, assess their impact on Singtel’s systems, and collaborate with relevant stakeholders to prioritize and remediate the issues.
- Track and report on findings and outcomes from the bug bounty program to ensure timely resolution.
- Develop engaging programs to boost the visibility and popularity of Singtel's bug bounty program.
- Secure Code Review Program Management:

- Manage and conduct secure code reviews using scanning tools and techniques to identify security weaknesses in software code.
- Analyze the results from code scans and work closely with development teams to implement necessary security fixes.
- Assist in the creation and implementation of secure coding practices across the organization.
- Vulnerability Retesting and Documentation:

- Retest security vulnerabilities arising from various sources e.g. Bug Bounty, Penetration testing, etc. after remediation and update reports with the latest results and outcomes.
- Develop and maintain comprehensive documentation for all vulnerability assessments, secured code reviews and penetration tests, including detailed findings, methodologies, and recommendations for improvements etc.
- Stay Current with Security Trends and Threats:

- Continuously monitor the latest security trends, emerging vulnerabilities, and attack techniques to ensure that security testing methodologies and tools remain up-to-date and effective.

**Skills for Success**:

- Bachelor's degree in Computer Science, Information Security, or a related field.
- Attained OSCP or CREST.
- At least 5 years of experience working in Cyber and Information security field
- Strong understanding of OWASP Top 10, CWE/SANS Top 25, and other common vulnerability frameworks.
- Proficient in using and managing various security tools and products like Fortify, AppScan, Webinspect, Burp Suite, Nessus, Guardrails AI, Giskard, Moonshot, Deepcheck, Evidently, Pyrit, Adversarial Robustness Toolbox (ART), PyRIT, etc.

**Rewards that Go Beyond**
- Full suite of health and wellness benefits
- Ongoing training and development programs
- Internal mobility opportunities

**Are you ready to say hello to BIG Possibilities?