Web Application Vulnerability Researcher

1 week ago

Singapore INNOEDGE LABS PTE. LTD. Full time $100,000 - $150,000 per year

At InnoEdge, we work with organisations to protect them from cyber threats. We help detect new unknown cyber threats through research, fortify networks, and defend critical information infrastructures. Based in Singapore, our team consists of cybersecurity experts who use the advanced techniques and technologies to deliver cutting-edge solutions and services.

InnoEdge believes in fostering a culture where team members are encouraged to overcome challenges, explore new ideas, and work together to succeed. We value individuals who are determined to push beyond the boundaries, and have a thirst for knowledge, continuous learning, and self-improvement.

Collaboration is key to our success. We prioritise open communication, constructive feedback, and a willingness to help others. We are committed to creating a supportive work environment that encourages excellence, innovation, and continuous improvement. We're looking for individuals who share our values and are excited to join us on our cyber mission.

Responsibilities
  • Recommend direction for research projects and conceptualize new tools/techniques that will enhance the vulnerability discovery process.
  • Mentor and guide new researchers in the area of web application vulnerability research.
  • Perform deep research into web applications with complex codebases to understand the attack surface for an attacker to abuse.
  • Ideate hypothesis as to how an attacker could possibly abuse features in the application and validate if hypothesis holds true.
  • Develop proof of concept to demonstrate the severity of the discovered vulnerability and propose mitigations.
  • Develop cutting edge tools to improve and scale up the vulnerability discovery process for web applications.
  • Keep abreast of the latest research into web security and vulnerabilities detection techniques.
  • Level up the local security community through mentorship of aspiring security researcher, publishing blog post and speaking at conferences.

Requirements

  • Demonstrated ability to
  • Perform attack surface analysis and prioritization of research on a web application.
  • Independently apply static/dynamic analysis techniques to find low lying bugs in a web application.
  • Discover and exploit vulnerability in web applications.
  • Deep understanding of web programming languages (PHP, Java, Python, .Net…), web frameworks, typical web vulnerabilities and how they are commonly exploited.
  • Track record of having found vulnerabilities in the last 4 years.

For a more senior role, we're looking for candidates with:

  • Fluency in assembly language (x86/64)
  • Experience in debugging, reverse engineering binary and exploiting memory corruption and logic vulnerabilities.
  • Track records in these areas:
  • Consistency in discovering security-related vulnerabilities and demonstrating their impact.
  • Performing research on a complex web application by a major vendor (e.g. WordPress), applying attack surface analysis and prioritization, and performing various static and dynamic analysis techniques to find bugs in the different components.
  • Discovering and exploiting security vulnerabilities in in a complex application by a major vendor (e.g. Exchange, WordPress).

Benefits

  • Training & Development
  • Performance Bonus
  • Medical Benefits
  • Hybrid Work Arrangement

If you meet these qualifications and are passionate about cyber security, we encourage you to apply for this exciting opportunity. We offer competitive compensation, a comprehensive benefits package, and a collaborative and dynamic work environment.

  • Cyber Security Vulnerability Researcher

    1 day ago

    Singapore Centre for Strategic Infocomm Technologies (CSIT) Full time

    Cyber Security Vulnerability Researcher (Web Applications) Join to apply for the Cyber Security Vulnerability Researcher (Web Applications) role at Centre for Strategic Infocomm Technologies (CSIT) . Get AI-powered advice on this job and more exclusive features. Conduct research and analysis to understand web application architectures, discovering...

  • Cyber Security Vulnerability Researcher

    2 weeks ago

    Singapore Centre for Strategic Infocomm Technologies Full time

    Job Scope Conduct research and analysis to gain in-depth understanding of web application architectures to discover implementation flaws and weaknesses within these applications which could be exploited by malware. Perform information security assessments through vulnerability research, penetration testing, code auditing, black box testing, reverse...

  • Cyber Security Vulnerability Researcher

    7 days ago

    Singapore Centre for Strategic Infocomm Technologies (CSIT) Full time

    **SINGAPORE, SINGAPORE /** **CYBERSECURITY - VULNERABILITY RESEARCH /** **FULL-TIME** **/ ON-SITE** **Job Scope**: - Perform information security assessments through vulnerability research, penetration testing, code auditing, black box testing, reverse engineering, proof-of-concept simulations and malware analysis. **Requirements**: - Degree in...

  • Senior Web Application Vulnerability Analyst

    2 weeks ago

    Singapore HORIZON SOFTWARE PTE. LTD. Full time

    **Get to know our Team**: When you're an engineer at, you are part of the heart and soul of the company. Our passion is anchored in the work that we do, and this is reflected in the impact we make on millions of lives on a daily basis. Our team is empowered by creating amazing services and tools that serve millions of passengers, driving partners, and fellow...

  • Vulnerability Researcher

    1 week ago

    Singapore INNOEDGE LABS PTE. LTD. Full time $60,000 - $120,000 per year

    At InnoEdge, we work with organisations to protect them from cyber threats. We help detect new unknown cyber threats through research, fortify networks, and defend critical information infrastructures. Based in Singapore, our team consists of cybersecurity experts who use the advanced techniques and technologies to deliver cutting-edge solutions and...

  • Windows Vulnerability Researcher

    1 week ago

    Singapore INNOEDGE LABS PTE. LTD. Full time $120,000 - $360,000 per year

    At InnoEdge, we work with organisations to protect them from cyber threats. We help detect new unknown cyber threats through research, fortify networks, and defend critical information infrastructures. Based in Singapore, our team consists of cybersecurity experts who use the advanced techniques and technologies to deliver cutting-edge solutions and...

  • Cyber Security Vulnerability Researcher

    1 week ago

    Singapore Ministry of Defence Singapore Full time $80,000 - $120,000 per year

    Centre for Strategic Infocomm TechnologiesPermanentWhat the role isJob Scope• Conduct research and analysis to gain in-depth understanding of web application architectures to discover implementation flaws and weaknesses within these applications which could be exploited by malware.• Perform information security assessments through vulnerability research,...

  • Senior/Vulnerability Analyst

    4 weeks ago

    Singapore INCOME INSURANCE LIMITED Full time

    Roles & ResponsibilitiesThe vulnerability analyst will be responsible for performing vulnerability discovery on our internal and external IT infrastructure, web, mobile and web service applications, leveraging both automated tools and manual techniques, and liaising with systems & applications owners on follow up actions.Key ResponsibilitiesPerform...

  • Cyber Security Vulnerability Researcher

    2 weeks ago

    Singapore Centre for Strategic Infocomm Technologies Full time

    We are looking for passionate individuals to be part of our vulnerability research team dedicated to keeping our Windows platform and software safe. In this role, you will be part of a team of vulnerability researchers responsible for working closely with stakeholders to perform security audit on Windows operating systems and relevant software. The audit...

  • Principal Vulnerability Researcher

    7 days ago

    Singapore watchTowr Full time

    **Hello, let us introduce ourselves!** We are watchTowr, a VC-backed cyber-security start-up headquartered in Singapore, with teams in Europe and APAC. Cyber security veterans and technical experts, we are obsessed with continuously finding ways to break into enterprises, while building technology for some of the world’s most targeted organisations. With...