Senior Vulnerability Analyst
2 weeks ago
Key Responsibilities
- Perform vulnerability scanning/discovery, tracking of remediation SLA, and follow up on closure.
- Manage private bug bounty and public vulnerability disclosure program by performing triaging and follow up on reports received.
- Coordinate penetration testing engagements with external vendors, ensuring scope, timelines, and deliverables are met.
- Conduct meetings to communicate the findings and implications to stakeholders.
- Validate remediation efforts through vulnerability fix verification to confirm effectiveness.
- Perform risk assessments and assess existing mitigative controls, recommend compensating controls when remediation is not possible.
- Support audit and ensure regulatory compliance (e.g., MAS TRM) by providing vulnerability evidence and remediation status.
- Analyze vulnerability management results and present technical data clearly to senior stakeholders, turning insights into actionable recommendations.
- Optimize vulnerability management lifecycle, improving identification, remediation, and follow-up processes.
- Collaborate with CTI to act on FINTEL threat intelligence and ensure timely remediation.
- Support in vendor evaluation prior to contract award
Qualifications
- At least 4-5 years of experience in IT/Information Security, Vulnerability Management.
- Diploma/Degree in Computer Science, Cybersecurity, Information Security Management or related.
- Having CISSP, CISM, OSCP, GPEN, GWAPT certifications is an advantage.
Competencies
- 4-5 years of hands-on experience in vulnerability management and using VA tools (e.g. TenableOne, Qualys, Rapid7).
- Strong understanding and knowledge on industry standard scoring models such as CVSS, EPSS, exploitability and remediation strategies.
- Knowledge of common web and mobile security vulnerabilities in OWASP Top 10.
- Familiarity with penetration testing techniques and tools such as web application proxies (Burp Suite, OWASP ZAP), packet. capture analysis software, penetration testing Linux distributions (e.g. Kali Linux), static source code analyzers, API testing tools (e.g SoapUI, Postman), mobile application security frameworks (e.g. MobSF, Frida).
- Familiarity with application security testing approaches such as SAST, DAST, SCA.
- Experience with aligning with regulatory requirements (MAS, ISO and support audit readiness.
- Having Cloud security knowledge and AI LLM knowledge is a plus.
- Experience in support in vendor evaluation prior to contract award will be advantage
- Basic structured programming or scripting skills as C, Java, Python, Javascript, Powershell.
-
Senior Vulnerability Analyst
2 weeks ago
Singapore Income Insurance Limited Full timeSenior Vulnerability Analyst (VAPT) – Income Insurance Limited Join to apply for the Senior Vulnerability Analyst (VAPT) role at Income Insurance Limited. Key Responsibilities Perform vulnerability scanning/discovery, track remediation SLAs, and follow up on closure. Manage private bug bounty and public vulnerability disclosure program by triaging reports...
-
Senior Vulnerability Analyst
1 week ago
Singapore INCOME INSURANCE LIMITED Full timeSenior Vulnerability Analyst - The Vulnerability Management Lead role is responsible for overseeing Income Insurance enterprise vulnerability management program, driving continuous identification, assessment, and remediation of security weaknesses across internal and external IT infrastructure including but not limited to web and mobile applications. This...
-
Senior Threat
5 days ago
Singapore ALLEN & OVERY LLP Full time**It’s Time** Allen & Overy is a leading global law firm operating in over thirty countries. By turning our insight, technology and talent into ground-breaking solutions, we’ve earned a place at the forefront of our industry. Our lawyers are leaders in their field - and the same goes for our support teams. Ambitious, driven and open to fresh...
-
Senior Analyst, Vulnerability Management
1 day ago
Singapore TikTok Full timeResponsibilities TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo. Why Join Us At TikTok, our people are humble, intelligent, compassionate and creative. We...
-
Senior Vulnerability Analyst
1 week ago
Singapore INCOME INSURANCE LIMITED Full timeA leading insurance company based in Singapore is looking for a Senior Vulnerability Analyst to oversee its vulnerability management program. The ideal candidate will have 4-5 years of experience in IT security, proficient in vulnerability tools and methodologies. Duties include performing vulnerability scans, managing bug bounty programs, and coordinating...
-
Analyst, Vulnerability Management
1 day ago
Singapore TikTok Full timeResponsibilities TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo. Why Join Us At TikTok, our people are humble, intelligent, compassionate and creative. We...
-
Vulnerability Analyst
1 week ago
Singapore Quess Corp Full timeVulnerability Analyst (Burpsuite / Metaspoilt)Raffles Place, Singapore | Posted on 10/03/2024Conductregular vulnerability scans and assessments on networks, applications, andsystems. Analyzescan results, prioritize vulnerabilities based on risk, and recommendremediation actions. Design,implement, and manage security measures for network infrastructures....
-
Vulnerability Analyst
1 day ago
Singapore Continental Full time**Company Description** Continental develops pioneering technologies and services for sustainable and connected mobility of people and their goods. Founded in 1871, the technology company offers safe, efficient, intelligent and affordable solutions for vehicles, machines, traffic and transportation. In 2022, Continental generated sales of €39.4 billion and...
-
Vulnerability Analyst
1 day ago
Singapore Continental Full timeYour tasks **Responsibilities**: - Work with scanning tools to identify vulnerabilities - Manually verify and identify vulnerabilities - Prioritize vulnerabilities - Continuously improve the automation process - Support asset owners in understanding vulnerabilities and selecting appropriate remediation measures - Track vulnerability remediation - Stay up...
-
Cyber Security
32 minutes ago
Singapore TempServ Pte Ltd Full timeA leading IT services company in Singapore is looking for a Cyber Security Analyst. The ideal candidate will be proactive in preventing cyber security incidents, performing technical security assessments, and monitoring vulnerabilities. Applicants should have a degree in Computer Engineering or Computer Science with 2–3 years of experience in cyber...
