Cybersecurity Technical Lead

We are looking for a highly experienced and well-rounded Cybersecurity Technical Lead to join our growing team. This role goes beyond traditional Vulnerability Assessment and Penetration Testing (VAPT) and requires strong technical depth across multiple security testing disciplines, including application security, infrastructure, cloud, and OT/ICS environments.

As a Cybersecurity Technical Lead, you will serve as the technical authority across security testing engagements, guiding teams, assuring quality, and advising clients on risk-based security improvements. You will work closely with stakeholders across commercial, government, and regulated sectors, delivering assessments that are technically rigorous, compliant, and actionable.

• Lead and oversee a broad range of security testing engagements, including:
• Infrastructure VAPT (on-prem, cloud, hybrid)
• Web Application Penetration Testing (WAPT)
• Mobile Application & API Security Testing
• Secure Configuration Review / Security Configuration Testing (SCT)
• Static Application Security Testing (SAST) and coordination of DAST / IAST where applicable
• OT / ICS VAPT for industrial, IoT, and cyber-physical systems
• Design testing strategies that balance manual testing, automated scanning, and risk-based analysis.

• Lead client briefings, technical walkthroughs, and executive debrief sessions.
• Translate technical findings into business and operational risk.
• Advise on remediation, secure design, hardening, and long-term security improvement roadmaps.
• Support pre-sales and tender responses, including scope definition, effort estimation, and technical clarification.

• Mentor and upskill consultants across different testing disciplines.
• Review and approve junior team members’ test plans, methodologies, and reports.
• Build internal capability in advanced testing areas (e.g. SAST, OT security testing, cloud-native security).

• 5–8+ years of hands‑on cybersecurity testing experience, covering more than just VAPT.
• Proven experience leading or acting as technical authority on complex security assessments.
• OSCP – required
• CREST CRT / CCT / CPSA – strongly preferred
• CISSP, CISM – strongly preferred
• GIAC (GICSP, GPEN, GWAPT, GXPN)

• Competitive salary with performance-based incentives
• 20 days annual leave
• Medical (Inpatient & Outpatient) & Dental coverage
• Flexi-benefits scheme
• Training budgets and certification sponsorship
• Exposure to enterprise, government, OT, and regulated sector projects
• A technically driven culture that values quality, integrity, and continuous learning

You will be joining a CREST‑accredited cybersecurity firm trusted by enterprises and public‑sector organisations across Singapore and the region. This role offers the opportunity to influence how security testing is delivered, expand into advanced domains such as OT and application security, and help build a high‑performing technical team.