The Company you're joining
A national body overseeing cyber security strategy, operation, education and outreach, technology and industry development. The company offers exciting opportunities for individuals to be part of our dynamic, multi-disciplinary and committed team shaping Singapore's cyber security landscape.
About the Role
The company is seeking hands-on, experienced offensive security practitioners who want to apply real-world attack techniques to complex, high-impact systems in support of Singapore's national cyber security mission.
The successful candidate will be part of the team responsible for delivering advanced security testing and adversary-led assessments to strengthen the resilience of Critical Information Infrastructure (CII).
What You'll Do
- Lead and conduct penetration testing, red teaming, and adversary simulation activities across web, mobile, infrastructure, cloud, OT, and telecommunications environments.
- Execute realistic attack scenarios to assess the resilience of Critical Information Infrastructure (CII), including systems supporting essential services.
- Support purple-teaming activities by translating offensive techniques into actionable detection and response improvements.
- Lead engagements end-to-end, including planning, execution, reporting, and technical debriefs with stakeholders.
- Mentor junior consultants and contribute to raising the team's overall technical standard.
- Drive continuous improvement of testing methodologies, tooling, and research, including taking on problem spaces outside your primary domain when required.
What You'll Bring
- An attacker's mindset with strong technical understanding of operating systems, networks, and modern enterprise environments.
- Proven ability to identify and execute real-world attack scenarios, beyond automated or checklist-based testing.
- Experience in penetration testing and/or red team operations, with exposure to adversary tradecraft and attack chaining.
- Demonstrated adaptability to transfer skills across technical domains (e.g. web to mobile, IT to OT, on-prem to cloud).
- Strong technical writing skills and the ability to clearly articulate security risks and impact.
- Typically 5-8 years of relevant experience in penetration testing, red team operations, or related offensive security roles, with demonstrated depth in hands-on technical work.
- Relevant industry certifications such as OSCP, CREST (e.g. CRT, CCT), CRTO, or equivalent are desirable.
Ready to Apply
Click Apply Now and our consultant will reach out for a discussion to share more.
EA License No: 12C6045 | UEN: 53041699M
