Job Description

Role: Senior Security Consultant (Penetration Testing)

Location: Singapore

The Opportunity:

The Senior Security Consultant role offers an exciting opportunity to consultant and deliver our diverse range of technical security services to help clients.

The primary function of the role involves delivering security testing to our clients, identifying vulnerabilities and recommending corrective actions. The role also requires the ability to explain the output of a security testing to a non-technical client.

Occasionally the role may involve leading larger client projects. All work should strive to achieve a high level of customer satisfaction. Conducting focused research when not engaged on client billable projects.

You will be working in a team of technical security consultants. It is expected that you will work well in a team and share research to promote knowledge sharing. Knowledge sharing can be achieved through shadowing projects, technical mentoring, technical presentations, sharing tool development, and constructive report QA feedback.

Proficiency in the following technical areas is favourable:

• Networking and associated protocol knowledge and experience
• Strong web application, API, and web services testing experience
• Applied cryptography, mathematics or computer science experience
• Mobile and compiled application security knowledge and experience
• Applied security research
• Technical security threat modelling
• Cloud service testing (AWS / Azure)
• SDLC implementation and testing
• Software development or programming/scripting abilities
• Source code review
• Reverse engineering
• Fuzzing

Responsibilities

• Proficiency in the use and application of security technologies
• Assist in the identification, resolution and documentation of security vulnerabilities
• Providing technical scoping advice and assisting pre-sales
• Responsible for adhering to all internal policy and security procedures
• Ability to travel to clients' sites to perform security engagements as required
• Delivering high quality technical services to clients
• Developing skills on internal security projects
• Ability to lead technical teams on client engagements

Key Skills

• Ability to develop your own security testing tools
• Experience using common security testing tools
• Strong customer facing consulting skills
• Good analysis and report writing skills
• Identify vulnerabilities and be able to recommend corrective action
• Ability to explain the output from a security test to a non-technical client
• The following certifications are favourable, such as:

• Offensive Security Certified Professional (OSCP)
• Offensive Security Certified Expert (OSCE)
• Offensive Security Exploitation Expert (OSEE)
• GIAC Advanced Penetration Tester (GXPN)
• CREST CCT or CRT

What's in it for you? NCC Group offers a lot of benefits not limited to:

• Opportunities for accelerate your career
• Friendly, supportive environment
• Flexibility - Working from home
• Casual dress code
• Exposure to industry research and conferences

About NCC Group

The NCC Group family has over 2,600 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.

We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.

Our values and code of ethics are at the heart of how we operate - we work together, we are brilliantly creative, and we embrace difference. We treat everyone and everything with equal respect.

We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.

If your skills and experience meet the needs of the role requirement, we will endeavour to respond to every application within 10 working days. However, if you haven't heard back from us within this timeframe on this occasion your application has unfortunately been unsuccessful, but please do continue to keep an eye on our career opportunities as there may be other more suitable roles.

We may also store your CV on our database for any future vacancies.

Please email if you do not want us to retain your details. All personal data is held in accordance with the NCC Group . We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

*Please note that this role has background clearance as mandatory due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process *