Enable job alerts via email!
Security Tester
Borr Drilling
Singapore
On-site
SGD 70,000 - 100,000
Full time
Boost your interview chances
Job summary
A leading company in drilling is seeking a Security Testing Specialist to oversee security test planning, execution, and reporting. The role involves working closely with development teams to ensure secure codes and systems by conducting various security assessments and documenting recommendations. Candidates must possess CREST certification and have 4-7 years of relevant cybersecurity experience, especially in public sector projects.
Qualifications
- CREST certification required.
- 4-7 years of relevant experience.
- Experience in Public Sector projects (SCR, VA & PT) is a must.
Responsibilities
- Coordinate with development teams for security test planning.
- Perform source code security analysis and document findings.
- Conduct App-VAPT prior to production deployment.
Skills
Tools
Job description
Job Scope:
Security Test Planning & Preparation
Test Planning
Coordinate with development teams for testing schedules and plan testing timelines aligned with release schedules
Create security test plans for new applications, major releases and enhancements
Define testing scope and approach using Agency Cybersecurity Control templates
Define entry and exit criteria for security testing phases
Test Environment Preparation
Configure security testing tools in the designated environment for (1) SCR and (2) App-VAPT
Setup test data and test cases
Security Test Execution
Secure Code Review (SCR)
Perform source code security analysis for new applications, major release changes and enhancements
Use SAST tools to analyze code security and use SCA tools to review any open-source and third-party components included in the applications.
Document code security findings and verify remediations through retesting
App Vulnerability Assessment and Penetration Testing (App-VAPT)
- Conduct App-VAPT forNew Applications before production deployment
Major releases with significant changes
System enhancements affecting security controls
Use DAST tools for dynamic security testing
Documentation & Reporting
Document test results and generate test report using the Agency Cybersecurity Control templates
Provide recommendations for security improvements
Maintain evidence of security testing performed
Track security findings and remediation status
Provide System Security Plan (SSP) documentation
Report testing progress and coverage
Knowledge Transfer
Document security testing procedures
Share security testing findings with development teams
Provide guidance on security fixes implementation
Support security testing knowledge sharing sessions
Requirements:
Possess CREST certification
Experience in conducting SCR, VA & PT
4-7 years of relevant experience
Must have done at least 2-3 Public Sector projects (SCR, VA & PT)
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
