Cyber Security Engineer (Perm role, CREST CRT certificate, VAPT experience)

Role Description:

This is a full-time role based in Singapore. The CREST Registered Penetration Tester (CRT) will plan and execute penetration tests against web, mobile, infrastructure, cloud, and internal applications, providing clear technical findings and remediation recommendations.

The role involves simulating advanced adversary techniques, supporting red team exercises, and contributing to security assessments for clients in highly regulated environments. The tester will prepare detailed reports, present results to technical and non-technical stakeholders, and collaborate with internal teams to improve methodologies, tooling, and security best practices.

Day-to-day activities also include staying current with emerging threats, participating in threat modelling and security reviews, and supporting incident response and hardening efforts when required.

Qualifications:

• Important: Current CREST Registered Penetration Tester (CRT) certification valid and not expired.

• Strong foundation in Cybersecurity, including network security, operating system internals, common attack vectors, and secure configuration practices.

• Proficiency with common penetration testing tools (e.g., Burp Suite, Nmap, Metasploit, Kali Linux toolset) and scripting languages (e.g., Python, PowerShell, Bash).

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.

• Experience working with financial sector clients or in regulated industries is an advantage.

• Able to communicate in English and Mandarin to handle international projects.