Role & seniority: Penetration Testing Engineer (mid–senior level) for a continuous security validation project

Stack/tools: automated security validation frameworks/pipelines; manual pentesting; Python/Powershell/Bash scripting; CI/CD/DevSecOps; vulnerability assessment tools; MITRE ATT&CK; threat intelligence awareness

Top 3 responsibilities

Design and implement automated security validation frameworks and pipelines
Execute continuous security testing across diverse IT environments and perform manual pentesting for complex scenarios
Analyze results, identify gaps in defenses, develop testing methodologies, and produce reports with strategic security recommendations

Must-have skills

Degree in Cybersecurity/Information Security/CS or equivalent; 4+ years in offensive security (enterprise/government preferred)
Certifications such as OSCP, SANS, or cloud security; proficiency with pentesting tools and methodologies
Strong understanding of attack lifecycle, network/os/security architectures; scripting in Python/PowerShell/Bash
Experience with CI/CD/DevSecOps; familiarity with vulnerability scanning tools; knowledge of MITRE ATT&CK

Nice-to-haves

Prior government or large enterprise security experience; additional cloud security certifications; broader threat intelligence harnessing
Location & work type: Singapore-based; full-time (exact modality not specified in posting)

Full Description

Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of the Government Technology Agency (GovTech). As a Trusted Partner over the last decade, ATS offers a comprehensive suite of products and services ranging from infrastructure and operational services, authentication services, governance and assurance services as well as managed processes. In a dynamic digital and cyber landscape, where trust & collaboration are key, ATS continues to drive mutually beneficial business outcomes through collaboration with GovTech, government agencies and commercial partners to mitigate cyber risks and bolster security postures. We are looking for a Penetration Testing Engineer for a continuous security validation project. You will have the unique opportunity to work on this project with like-minded cybersecurity professionals.

Job Summary

Design and implement automated security validation frameworks and pipelines.
Execute continuous security testing across diverse IT environments.
Perform manual penetration testing for complex scenarios and edge cases.
Analyse security validation results and identify gaps in defensive controls.
Develop and maintain testing methodologies based on current threat intelligence.
Create comprehensive reports and strategic recommendations for security improvements.
Collaborate with security teams to enhance detection and prevention capabilities.
Document testing procedures and maintain knowledge base of security validation practices.

Requirements

To succeed in this role, you will ideally have

Degree in Cybersecurity, Information Security, Computer Science or a related field, including equivalent experience and relevant cybersecurity certifications such as OSCP, SANS or cloud security.
A minimum of 4 years' experience in offensive security or a related field preferably within an enterprise or government environment.
Proficiency in penetration testing tools and methodologies.
Deep understanding of the complete attack lifecycle from reconnaissance to post-exploitation.
Experience with automation and scripting (Python, PowerShell, Bash).
Knowledge of CI/CD pipelines and DevSecOps practices.
Understanding of network protocols, operating systems, and security architectures.
Familiarity with threat intelligence frameworks (MITRE ATT&CK).
Experience with vulnerability assessment and security scanning tools.
Join us and discover a meaningful and exciting career with Assurity Trusted Solutions!
The remuneration package will commensurate with your qualifications and experience. Interested applicants, please click "Apply Now".

Penetration Testing Engineer (Continuous Security Validation)