Security Testing Specialist

You may choose to display a cookie banner on the external site. You must specify the message in the cookie banner and may add a link to a relevant policy. If you are unfamiliar with these requirements, please seek the advice of legal counsel.You are about to enter websites controlled or offered by third parties. OCBC hereby disclaims liability for any information, materials, products or services posted or offered at any of these third party web-sites. By creating a link to these third party web-sites, OCBC does not endorse or recommend any products or services offered or information contained on those web-sites or information fed by these third parties nor is OCBC liable for any failure of products or services offered or advertised at any of these third party web-sites. OCBC Group shall in no event be liable for any damages, loss or expense including without limitation, direct, indirect, special, or consequential damage, or economic loss arising from or in connection with any use of or access to any other website linked to this website, any system, server or connection failure, error, omission, interruption, delay in transmission, or computer virus and any services, products, information, data, software or other material obtained from this website or from any other website linked to this website. Any hyperlinks to any other websites are not an endorsement or verification of such websites and such websites should only be accessed at the user’s own risks. This exclusion clause shall take effect to the fullest extent permitted by law.You further consent to Oversea-Chinese Banking Corporation Limited, its related corporations (collectively, the "OCBC Group"), and their respective business partners and agents (collectively, the “OCBC Representatives”) collecting, using and disclosing your personal data for purposes reasonably required by the OCBC Group and the OCBC Representatives to enable them to process your employment application and assess your suitability for the position which you are applying for. Such purposes are set out in a Data Protection Policy, which is accessible at or available on request and which you confirm you have read and understood.Security Testing Specialist page is loaded## Security Testing Specialistremote type: Onsitelocations: OCBC Singaporetime type: Full timeposted on: Posted Todayjob requisition id: JR # **WHO WE ARE:** Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future. We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.Your Opportunity Starts Here.# Why Join Protecting our customers' assets and data is at the heart of everything we do at OCBC. As a Security Testing Specialist, you'll play a critical role in safeguarding our systems and networks from cyber threats. You'll be part of a team that's shaping the future of cybersecurity in the financial industry. How you succeed To succeed in this role, you'll need to stay one step ahead of emerging threats. You'll work closely with our engineering teams to identify and mitigate risks, and develop strategies to protect our systems and data. You'll need to be proactive, collaborative, and always looking for ways to improve our cybersecurity posture. What you do* Perform application penetration testing on web-based applications, APIs* Perform mobile application penetration testing across different mobile platforms* Perform network penetration testing on systems.* Exploit vulnerabilities to gain access and expand access to remote systems.* Document and explain the technical details of the security issues identified during security assessments and recommend mitigation controls for remediation.* Research cutting edge security topics and new attack vectors* Conduct compliance testing on web-based application, mobile applications and thick/thin-client application that meet predetermined Technology Security Standards and other regulatory requirements such as MAS TRMG.* Conduct secure code review when required* Perform thick client penetration testing when required# Who you are* Minimum 3 years of hands-on penetration testing experience for web applications, mobile applications, and APIs* Experience conducting Secure Code Review* Degree in computer science/computer engineering/information security or equivalent.* A working knowledge of all aspects of information security is essential.* Familiarity of MAS TRMG and other regulatory/industries requirements.* Good communication (spoken and written) skills, able to work independently and as a team* Certifications from either GIAC/Offensive Security/CREST required.* Hands on experience in using Kali Linux, tools such as Burp, Tenable and other penetration testing, and secure code review tools* Experience in conducting penetration testing for Banks in Singapore will be highly preferred* Experience in conducting code review for AS400 and legacy mainframe systems will be an advantageWho we are Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future. We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here. What we offer Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Equal opportunity. Fair employment. Selection based on ability and fit with our culture and values. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.# # **What we offer:**Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.#J-18808-Ljbffr