jobs in Morgan Mckinley Pte Ltd

全职 Application Security Tester 工作, 薪水 up to SGD 9,000, Morgan Mckinley Pte Ltd 公司招聘中 - Ricebowl

Application Security Tester

Morgan Mckinley Pte Ltd

SGD7,500 - SGD9,000 每月

Singapore

分享
保存

工作地点

  • Singapore Singapore

职位描述

岗位职责

We're seeking an Application Security Tester to evaluate the security posture of web, cloud, and API applications, identify vulnerabilities and misconfigurations, perform penetration testing, and ensure compliance with secure coding standards. 

Key Responsibilities: 

Security Testing & Assessment

  • Execute static (SAST), dynamic (DAST), interactive (IAST), and API security testing across diverse applications.
  • Carry out manual penetration testing to identify business logic weaknesses, privilege escalation opportunities, and complex vulnerabilities not detected by automated tools.
  • Discover, exploit, and validate vulnerabilities in alignment with industry standards such as OWASP Top 10, SANS CWE Top 25, and NIST.
  • Interpret results from automated security scanners and collaborate with developers to ensure effective remediation.
  • Provide expert input on secure coding practices, threat modeling, and risk mitigation strategies.

Reporting & Documentation

  • Develop clear and actionable vulnerability reports that include risk ratings, exploitation details, and recommended controls.
  • Monitor remediation progress and assist engineering teams with root‑cause analysis.
  • Maintain comprehensive documentation of testing methodologies, standards, and frameworks to support consistency and compliance.

Requirements:

  • Bachelor's degree in Computer Science, Information Security, or a related discipline.
  • At least 3 years of professional experience in application security testing, including penetration testing and vulnerability assessment.
  • Solid understanding of web application architecture, authentication, authorization, and data flow processes.
  • Proficiency with security tools such as Burp Suite, OWASP ZAP, Postman, Nessus, Checkmarx, Veracode, Fortify, and SonarQube.
  • Practical experience with scripting or automation using Python, Bash, PowerShell, or JavaScript.
  • Familiarity with cloud‑native security (Azure) and API security testing.
  • Strong grasp of secure coding standards and common vulnerability patterns.

Interested candidates may apply through the application system or send it to [HIDDEN TEXT]. Shortlisted candidates will be notified.

By sending us your personal data and curriculum vitae (CV), you are deemed to consent to Morgan Mckinley Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at *************. You acknowledge that you have read, understood, and agree with the Privacy Policy.

Morgan McKinley Pte Ltd

Koh Boon Sien

EA Licence No: 11C5502

EA Registration No. R1110345  

重要安全守则

申请工作时,切勿提供您的银行或信用卡详细资料。不要转账或完成无关的在线调查问卷。如果您发现可疑内容,请举报此招聘广告。

了解更多