jobs in Gravitas Recruitment Group (Global) Ltd

Gravitas Recruitment Group (Global) Ltd Hiring! Full Time Penetration Tester in - Ricebowl

Penetration Tester

Gravitas Recruitment Group (Global) Ltd

Undisclosed

Singapore

Share
Save

Working Location

  • Singapore

Job Description

Responsibilities

Responsibilities:

  • We are looking for a motivated and technically skilled Penetration Tester with strong experience in conducting end-to-end Vulnerability Assessments and Penetration Testing (VAPT) across multiple environments.
  • The ideal candidate will possess solid technical expertise, strong reporting and scripting capabilities, and the ability to work closely with clients during both pre-sales discussions and project delivery.
  • This role offers an excellent opportunity for professionals looking to advance their career within a CREST-aligned security consulting environment, delivering high-impact cybersecurity services to critical industries.
  • Penetration Testing & Security Assessments
  • Plan, execute, and document penetration tests across web applications, mobile applications, APIs, infrastructure, cloud platforms, and internal/external networks (Black-box, Grey-box, and White-box testing).
  • Conduct source code reviews to identify insecure coding practices, logic flaws, and potential vulnerabilities.
  • Develop custom proof-of-concept (POC) scripts and exploits using languages such as Python, PHP, JavaScript, and HTML.
  • Utilize industry-standard security tools including Burp Suite, Nessus, Checkmarx, HCL AppScan, and WebInspect, alongside manual testing techniques.
  • Perform security assessments aligned with recognized frameworks such as OWASP, NIST, CREST, and MITRE ATT&CK.
  • Reporting & Documentation
  • Produce detailed technical and executive-level reports, including risk assessments and remediation recommendations.
  • Develop and maintain standardized testing methodologies, documentation, and reporting templates.
  • Conduct peer reviews of security assessments and reports to ensure technical accuracy, clarity, and quality.
  • Client Engagement & Pre-Sales Support
  • Assist with pre-sales activities, including technical scoping, requirements analysis, and proposal preparation.
  • Participate in client meetings to present findings, explain security risks, and recommend mitigation strategies.
  • Build and maintain strong client relationships to ensure project success and long-term engagement.
  • Team Collaboration & Development
  • Mentor and support junior security testers or interns, promoting knowledge sharing and professional development.
  • Collaborate with internal teams to enhance testing methodologies, internal tools, and knowledge repositories.
  • Stay informed about emerging vulnerabilities, threat trends, and security technologies.


Requirements:

  • Minimum 4 years of hands-on penetration testing experience
  • CREST CPSA and CRT certifications preferred
  • Additional certifications such as OSCP, OSWP, HTB, CBBH, or CISSP are advantageous
  • Red Team experience is a plus
  • Strong knowledge of OWASP Top 10, MITRE ATT&CK, CVSS, and secure coding practices
  • Proficiency in scripting and automation using Python, PowerShell, or Bash
  • Experience using both automated security tools and manual testing techniques
  • Excellent written and verbal communication skills, particularly for technical reporting and client presentations
  • Ability to manage multiple projects and deadlines in a fast-paced consulting environment
  • Experience with cloud security testing in environments such as AWS, Azure, or GCP
  • Understanding of DevSecOps practices and integration of security within CI/CD pipelines
  • Familiarity with Red Teaming, adversary emulation, or Purple Team operations
  • Participation in bug bounty programs or Capture-the-Flag (CTF) competitions


Application:

  • Apply to this job posting, and email your CV with the job title as the subject line to: *************

Important Information

Never provide your bank or credit card details when applying for jobs. Do not transfer any money or complete unrelated online surveys. If you see something suspicious, Report this Job ad.

Learn More