Our Employee Value Proposition
Advancing our People.
Advancing our World.
At CrimsonLogic, we put your Career and Well-being first.
We are committed to advancing your career through a full spectrum of professional Development programs with the support of a strong Total Rewards philosophy that focus on your well-being.
We believe that by investing in each and every one of our employees professional and personal growth, we can collectively make a positive impact on the world as we strive for greatness together in a nurturing and inclusive workplace.
Role Purpose:
The Penetration Tester is responsible for executing full-scope offensive security assessments across networks, applications, cloud environments, and operational technology(OT). This role involves simulating advanced cyberattacks, bypassing modern defenses, and delivering actionable remediation strategies to strengthen the organization's security posture.
Key Accountabilities:
- Conduct comprehensive penetration tests on applications, systems, and networks.
- Simulate real-world cyberattacks to evaluate and improve defensive measures.
- Provide detailed remediation recommendations and track resolution progress.
- Support risk assessments and control gap analysis.
- Maintain and enhance cybersecurity policies, standards, and procedures.
- Ensure compliance with relevant security frameworks and regulatory requirements.
- Collaborate with stakeholders to clarify findings and close reports.
Job Responsibilities & Duties:
- Conduct comprehensive penetration tests on applications, systems, and networks.
- Simulate real-world cyberattacks to assess security posture.
- Provide detailed remediation strategies and follow up with users for clarification and resolution until report closure.
- Perform system commissioning security clearance reviews.
- Review and validate false positives from web penetration tests and secure code scans.
- Conduct security baseline hardening reviews across infrastructure and applications.
- Perform firewall rule reviews and application security configuration assessments.
- Assist in risk assessments, control gap analysis, and security plan development.
- Document security risks in the enterprise risk register.
- Evaluate compliance with security frameworks and regulatory requirements.
Key Job Competencies:
- Deep understanding of cyber threats, vulnerabilities, and attack methodologies.
- Familiarity with security frameworks (e.g., NIST, ISO 27001).
- Excellent verbal and written communication skills.
- Strong analytical and problem-solving abilities.
- Ability to manage multiple projects in a dynamic environment.
Education Requirements:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Equivalent experience may be considered in lieu of formal education.
Working Experience Requirements:
- At least 2 years of hands-on experience in penetration testing.
- Only Singapore Citizens or Permanent Residents (PR) will be considered
Skills Required:
Must-have skills
- CREST or OSCP certification (Mandatory).
- Advanced knowledge of penetration testing methodologies and tools.
- Strong exploit development and vulnerability research skills.
- Proficiency in penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux, Nmap).
- Experience with exploit development and bypassing advanced security defenses.
- Strong understanding of system/application security risks and mitigation strategies.
