Associate Security Consultant

Job Description & Requirements

WithSecure Consulting delivers research-led cyber security to defend organizations, society, and people from real-world attacks and build resilience into their approach. Our people are a mix of technical and creative experts – diverse, talented, and passionate people – working tirelessly to help us advance the industry with new ways of thinking. They lead their own development, in and out of the office. They call the shots when it comes to building a place to call home in our organization.

We currently have an opening for an Associate Security Consultant within our Singapore office! Your role will involve carrying out penetration testing and security assessments of typical and unique pieces of technology to sophisticated and progressive cloud-native systems.

We’d also love you to do some research to ensure your skills remain relevant in a fast-paced world of security. How you spend the rest of the time that’s not working with clients is your call. WithSecure has a commitment to research. Based on their skillset and inclination, our consultants get a percentage of their time dedicated to security research. Whether it is used to investigate new software, hardware, or protocols, we encourage our team to push the boundaries of what is possible!

What we need:

We solve complex cyber-security problems on a daily basis and to do that requires an interesting mix of skills. To be successful at WithSecure and help our clients with their challenges we know you’ll need the following:

• A passion for security! You love computers, you love security, and you love hacking things and solving problems. If this wasn’t your job it would be your hobby. Technical excellence. You know your subject area.
• Self-motivation. You’re capable of figuring out what spending time working is of benefit to WithSecure and our clients and then run with it.
• Communication skills. How can we add value to our clients' organisations unless we can tell them what we did, how we did it, and how they can fix it? This extends to sharing knowledge with your colleagues and the wider industry.

What are we looking for?

• An ideal candidate will have 1-2+ years of experience delivering hands-on cyber security consultancy projects with clients;
• WebApp Testing. You know your way around Burp, and can perform SQLi without using SQLmap.
• Infrastructure Testing. You understand that this doesn’t just mean running Nessus.
• Mobile App Testing. You are familiar with Frida and know how to tweak existing or write new Frida scripts.
• Support pre-sales/scoping – a strong ability to understand and quantify client requirements, and propose consultative approaches that will deliver the best possible outcomes for the client.
• Excellent verbal and written communication skills.
• Relevant practical certifications – valid and active OSCP and CREST (CRT)

What will you get from us

• Freedom – you will have the opportunity to define new ways of working how we engage with our customers, and how product value gets represented.
• You will work together with experienced and enthusiastic colleagues, and within WithSecure you'll find some of the best minds in the cyber security industry.
• A collaborative and supportive work environment with opportunities for career growth and advancement.
• Opportunities for continuous learning and development, including training, certification, and research time.