NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 14,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.
Job Description
We are seeking an experienced and highly skilled Lead Consultant to join our Security Assessment Services team in Singapore. In this critical role, you will lead and oversee security assessment projects, ensuring that our clients systems and infrastructure are thoroughly evaluated for potential vulnerabilities and compliance risks.
- Conduct traditional vulnerability assessments and penetration tests across network and infra, web applications, APIs, mobile applications, and Operational Technology (OT) / ICS environments
- Conduct host configuration and hardening reviews for servers, network devices, databases, endpoints, etc and benchmark against CIS benchmarks or clients security baselines
- Conduct source code reviews using automated tools and/or manual code reviews
- To apply processes and tools to test for the presence of security vulnerabilities within the systems to meet strategic, tactical objectives and operational objectives
- Engage client effectively and efficiently by working in a closely knit team
- Be able to present the test findings in both written report and presentation in an articulate and clear manner, to both technical and non-technical stakeholders
Qualifications
- Preferred: Experience executing red teaming or advanced penetration testing engagements, including planning, execution, reporting, and closure, using an intelligence‑led approach. Ability to develop and execute adversary Tactics, Techniques, and Procedures (TTPs) aligned to real‑world threat actors and industry frameworks.
- Preferred: Hands‑on experience performing penetration testing or red teaming on LLM / GenAI applications, guided by OWASP Top 10 for LLM Applications and MITRE ATLAS.
- Possess at least OSCP, CRT certification
- OSAI, OSWE, OSEP, GWAPT, GPEN, GCPN and any other relevant certs (e.g. Hack the Box) are preferred
- Minimum 3-5 years of hands-on VAPT and offensive security experience of penetration testing, codes review and hosts review with security IT background
- Possess technical skills appropriate for a medium-to-large complex technical area with an industry related qualification
- Have knowledge of security tools, techniques and methodology frameworks including Metasploit, Kali, Burp Suite, Nmap, Nessus and scripting languages.
- Possess excellent interpersonal communication skills and strong team player
- Keen to learn and grow your expertise within security
- Be willing to work after office hours as some projects have such requirements
- Due to project sensitivity, we can only consider Singapore Citizen
Additional Information
We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.
Together, we make the extraordinary happen.
Learn more about us at ncs.co and visit our LinkedIn career site.
Scam Alert
We are aware of fraudulent job offers and impersonations of NCS recruiters. Phishing emails using convincing-looking but fake addresses are also commonly used to trick you into thinking that they come from official NCS sources.
Please note that all official communications from NCS Group will only be sent from verified corporate email addresses. Always check that the sender's email address ends with the genuine NCS domain, @ncs.com.sg and beware of extra letters, symbols or misspellings. When in doubt, verify the sender's identity by contacting us at [Confidential Information].
