Senior Consultant

Vantage Point Security is a Crest Registered specialist in offensive security and Penetration Testing. We employ the same techniques as malicious attackers to identify and report security flaws and weaknesses in our clients business critical systems so they no longer present a risk to the business.

The Senior Security Consultant leads others in the delivery of penetration testing & offensive security projects to ensure a successful outcome that at least meets or exceeds the expectations of our clients.

The customer recognises you as a subject matter expert and they have confidence in the comprehensiveness of the testing methodology and the accuracy of the results.

Penetration testing projects are delivered efficiently and on schedule.

Projects are adequate scoped and that estimated testing times are clearly communicated for producing a Statement of Work (SOW).

Penetration testers are well informed and prepared to commence testing on schedule.

The client has prepared the testing environment prior to the project start date so that the engagement is executed smoothly and without delay.

The quality of the Penetration Testing Report by ensuring it has been peer reviewed and approved for release to the client.

All client data is managed in strict accordance with Vantage Point Security data security and protection policies throughout the project.

Act as the primary technical owner for projects internally and externally with the client.

Work closely with the Project Manager and be fully aware of all projects in the delivery schedule and their progress status.

Perform manual penetration tests of websites, services, infrastructure, networks, IoT Devices, and mobile applications to discover and report exploitable vulnerabilities.

Provide technical leadership and guidance to assist team members to master attack methods and reliably perform 100% coverage of all assigned test cases.

Clearly document and communicate findings and recommendations to the client.

Author new test-cases that meet the requirements of emerging technologies and security requirements.

Continuously learn and master new hacking methods in new and emerging technologies.

Maintain a minimum of CREST CRT certification.

Provide presales support by attending project briefings and perform technical scoping to assist with the production of SOWs.

Advise the Project Manager on appropriate resource allocation on a project-by-project basis.

Penetration Testing:

Act as the primary contact between the customer and the client.

Attend the project kick-off meeting and ensure the client is prepared so that testing can commence on schedule.

Effectively delegate and manage a project team on large projects to ensure the project meets the clients expectations and is successfully completed on time.

Engage with the client and consultants to ensure there is a well-defined escalation process for quickly resolving any technical issues during the penetration test.

Communicate effectively with the penetration testers throughout the testing and provide technical support and guidance.

Escalate any issues as appropriate to the Project Manager and Associate Principal/Principal/Country Manager for quick and efficient resolution such as time delays.

Ensure the quality and the timely delivery of the Penetration Testing Report.

Be able to effectively translate complex technical vulnerabilities into real world business impacts that business stakeholders can easily understand, and provide the clients technical representative with clear and effective remediation advice that is actionable.

Provide on the job training by overseeing Associate Consultants and Consultants on smaller assigned projects to ensure they are delivered to VP standards.

Be able to provide effective answers and solutions to any technical questions regarding testing methods, remediation advice and recommendations of reported findings.

Recommend and support company initiatives that provide the ongoing professional development and wellbeing of the team.

Support Associates through their CRT accreditation process as a mentor.

Be an active contributor in sharing knowledge at Vantage Point Show and Tell sessions and help to provide an environment where everybody is continuing to learn and develop.

Keep up to date with the latest testing and hacking methods and technology advancements through attending technical conferences.

At least 3 years or more hands-on penetration testing experience

Strong analytical skills, able to leverage complex data to identify opportunities, recognise problems, and draw logical conclusions.

Demonstrated experience in one or more computer programming or scripting languages such as Python, PowerShell, or JavaScript.

Understanding of network architectures, both cloud and physical networks, and deep understanding of the underlying OSI Model.

Experience with security touch points in the SDLC such as architecture risk analysis, threat modelling, security requirement gathering and source code analysis.

Reports to: Country Manager and Principal Consultant/Regional Managing Principal

Hours: Full Time (40 hours/week)

Language: Must be proficient in spoken and written English and Chinese.

Location: Primarily based in our Singapore office or at our client sites but may be required to travel occasionally to our other business locations