
Kerry Consulting • Singapore, Singapore
Role & seniority: Security Testing Lead (senior/lead level)
Stack/tools: Penetration testing (web, API, infrastructure); red teaming; vulnerability management; SAST/DAST/IAST; cloud security (AWS, Azure, GCP); security frameworks (NIST, OWASP, MITRE ATT&CK); vulnerability validation; risk remediation tracking
Define and govern the enterprise-wide security testing strategy and framework
Lead internal/external pen tests and red team exercises; validate detection/response with SOC/Blue Teams
Conduct security assessments across applications, cloud, APIs; prioritize and drive remediation; report to senior stakeholders
Must-have skills: 8–12 years in cybersecurity with a focus on offensive security; hands-on web/API/infrastructure testing; cloud security testing (AWS/Azure/GCP); red teaming; exploit development; Secure SDLC (SAST/DAST/IAST); strong understanding of OWASP Top 10 and MITRE ATT&CK
Nice-to-haves: Experience in regulated industries (Financial Services, Healthcare, Public Sector); prior enterprise-security testing leadership; regulatory audit support
Location & work type: Location not specified; work type not stated in the description.
We are seeking an experienced Security Testing Lead to establish, drive, and oversee the organisation's security testing strategy across applications, infrastructure, cloud, and digital platforms. This role will be responsible for leading penetration testing, red teaming, vulnerability validation, and security assessment initiatives to proactively identify and mitigate security risks.
Security Testing Strategy & Governance
Develop and implement the enterprise-wide security testing strategy and framework
Define testing standards, methodologies, and scope aligned with industry frameworks (e.g., NIST, OWASP, MITRE ATT&CK)
Establish governance processes for vulnerability validation, remediation tracking, and risk acceptance
Ensure security testing coverage across applications, infrastructure, APIs, cloud, and emerging technologies
Penetration Testing & Red Teaming
Lead and coordinate internal and external penetration testing engagements
Oversee red team exercises simulating real-world attack scenarios
Validate detection and response effectiveness in collaboration with SOC / Blue Teams
Provide technical oversight for advanced exploitation techniques and attack simulations
Application & Cloud Security Testing
Conduct and review security assessments for web, mobile, APIs, and cloud-native applications
Guide secure SDLC integration including SAST, DAST, and IAST practices
Assess cloud security posture across AWS / Azure / GCP environments
Identify misconfigurations and architectural weaknesses in hybrid environments
Vulnerability Management & Risk Prioritisation
Provide risk-based validation of vulnerabilities identified via scanning tools
Prioritise findings based on exploitability, business impact, and threat intelligence
Work closely with engineering and infrastructure teams to ensure timely remediation
Track and report remediation metrics to senior stakeholders
Stakeholder Management & Advisory
Translate technical findings into actionable risk insights for senior management
Advise application and infrastructure owners on remediation strategies
Support regulatory audits and security assurance initiatives
Collaborate with GRC teams to align testing outcomes with compliance requirements
8-12 years of experience in cybersecurity, with strong focus on penetration testing and offensive security
Proven experience leading security testing engagements in enterprise environments
Experience in regulated industries (e.g., Financial Services, Healthcare, Public Sector) preferred
Technical Expertise
Reg: R1876389
Lic: 16S8060