Vouch Recruitment logo

Penetration Tester (VAPT)

Vouch Recruitment Singapore, Singapore

onsitefull-time
Posted Feb 10, 2026Apply by Mar 12, 2026

Role & seniority: Penetration Tester (Associate), full-time

Stack/tools: security testing across web, network, mobile, thick-client, IoT, and cloud; source code review; reporting; familiarity with CREST/OSCP or similar certifications is a plus

Top 3 responsibilities

  • Perform detailed source code reviews to identify security vulnerabilities

  • Conduct hands-on penetration testing across multiple domains (web, network, mobile, thick-client, IoT, cloud)

  • Identify, exploit, document vulnerabilities; produce comprehensive remediation-focused reports; collaborate to improve testing methods

Must-have skills

  • 1–2+ years of hands-on penetration testing across diverse domains

  • Proven experience leading detailed source code reviews and understanding secure coding practices

  • Strong report writing and ability to explain technical issues to non-technical stakeholders

Nice-to-haves

  • CREST, OSCP or similar recognized qualifications

  • In-depth knowledge of common security vulnerabilities

  • Location & work type: Based in Singapore; full-time, information technology role within Staffing and Recruiting industry (Singapore-based company)

Full Description

Vouch is currently working with a Singapore-based company that specializes in security solutions.

We are seeking an experienced Penetration Tester with strong expertise in source code review. The ideal candidate will not only possess hands-on experience in various domains such as web, network, mobile, thick-client, IoT, and cloud security but also demonstrate the ability to lead, mentor, and teach other team members. This role requires a deep understanding of security vulnerabilities, penetration testing methodologies, and the ability to perform thorough source code reviews to identify potential security flaws.

Primary Responsibilities

  • Perform detailed source code reviews to identify security vulnerabilities.
  • Act as the domain expert in source code analysis.

Perform hands-on penetration testing across multiple domains: web applications, networks, mobile applications, thick-client environments, IoT devices, and cloud platforms. Identify, exploit, and document security vulnerabilities. Create comprehensive reports that detail findings and recommended mitigations. Collaborate with team members to share knowledge and improve security testing methods. Conduct security assessments and audits of systems, applications, and networks. Keep updated on the latest security trends, vulnerabilities, and technologies to ensure a strong organizational security posture.

What I Am Looking For

  • At least 1-2 years of hands-on experience in penetration testing across various domains.
  • Proven experience in performing and leading detailed source code reviews, with a strong understanding of secure coding practices.
  • Desirable certifications like CREST, OSCP, or similar recognized penetration testing qualifications.
  • In-depth knowledge of common security vulnerabilities
  • Strong report writing and documentation skills, with the ability to explain technical issues to non-technical stakeholders.

Click on Apply now to find out more about this opportunity and other available positions.

EA License: 22C1396

EA Personnel: R1551466

Seniority level Associate Employment type Full-time Job function Information Technology Industries Staffing and Recruiting

multi-location

Cookies & analytics consent

We serve candidates globally, so we only activate Google Tag Manager and other analytics after you opt in. This keeps us aligned with GDPR/UK DPA, ePrivacy, LGPD, and similar rules. Essential features still run without analytics cookies.

Read how we use data in our Privacy Policy and Terms of Service.