Senior / Lead Offensive Cybersecurity Engineer (VAPT)

Join our dynamic team at xcellink as a Mid-Level Cybersecurity Engineer. In this pivotal role, you will utilize your technical skills to protect critical information systems and facilitate secure operations across our organization.Key ResponsibilitiesConduct security assessments and penetration testing to identify vulnerabilities and develop threat models.Implement and automate security tools within CI/CD pipelines to enhance security measures.Respond to security incidents and provide education on secure coding practices to developers, ensuring adherence to security standards and regulations.Collaborate with IT and other departments to promote and implement security best practices.Stay informed about emerging cybersecurity trends, threats, and technologies.Monitor security systems and assist in incident response efforts.Evaluate current cybersecurity protocols and propose improvements to strengthen security posture.Document findings, procedures, and recommendations comprehensively.Mentor and guide junior cybersecurity engineers within the team.

Xcellink is on the lookout for a dynamic and skilled Cybersecurity Technical Manager to become a vital member of our Enterprise Operations team. In this pivotal role, the Technical Account Manager, Cybersecurity will merge technical acumen with business strategy. This position is designed for a proactive individual who will act as the primary technical authority and commercial advocate for our cybersecurity solutions.This role demands extensive cybersecurity knowledge, hands-on experience with implementations, and familiarity with governance frameworks and market demands.The successful candidate will convert technical insights into actionable service offerings, build relationships with clients as a trusted advisor, and contribute to expanding our cybersecurity portfolio. This high-impact position is ideal for someone with both technical prowess and a business-oriented mindset.

Join Adventus as an Associate Cybersecurity Engineer and play a vital role in protecting our information systems and networks. You will collaborate with a team of cybersecurity professionals to implement security measures, conduct vulnerability assessments, and respond to incidents, ensuring the integrity of our data and infrastructure.

Assurity Trusted Solutions (ATS), a subsidiary of the Government Technology Agency (GovTech), has been a reliable partner for over a decade, providing a comprehensive array of products and services. Our offerings include infrastructure and operational services, governance and assurance services, and managed processes. In the ever-evolving digital and cybersecurity landscape, where trust and collaboration are paramount, ATS is dedicated to achieving mutually beneficial outcomes by working closely with GovTech, various governmental agencies, and commercial partners to reduce cyber risks and enhance security measures.We invite skilled professionals to join our team as Cybersecurity Engineers, specifically those with a solid foundation in Security Operations (SecOps). Successful candidates will be employed under a direct contract until November 30, 2028.Key Responsibilities:Develop and uphold cybersecurity standards, procedures, configurations, and rules for systems and services as part of our dedicated team.Conduct security exercises, including table-top and simulation drills, to validate security procedures.Engage in security incident response, analyzing alerts, coordinating with system operators, identifying threats, and performing initial triaging before escalating to senior security responders.Coordinate Indicators-Of-Compromise (IOC) scanning and compile reports from various system operators to provide consolidated updates to stakeholders.Conduct vulnerability assessments using both automated and manual tools, and recommend actionable remediation strategies. Understand published vulnerabilities and their corresponding security patches in relation to deployed systems, and perform risk assessments.Monitor and communicate security patch releases for various products, and participate in security patch assessments using standards like the Common Vulnerability Scoring System (CVSS), contextualized within the deployed environment.Present findings and reports to stakeholders regarding vulnerability scans, security testing outcomes, security incidents, and the overall security posture of systems.

Join Assurity Trusted Solutions (ATS), a subsidiary of the Government Technology Agency (GovTech), as we lead in the ever-evolving landscape of cybersecurity. With a decade of experience, we offer an extensive range of products and services, including infrastructure and operational services, authentication, governance, and assurance services, all aimed at fostering trust and collaboration in the digital world.We are seeking a Senior Cybersecurity Engineer specializing in Architecture and Solutioning. The ideal candidate will be well-versed in Network Security or Device/Endpoint Management and will be engaged in a contract capacity.Key Responsibilities: Act as the subject matter expert (SME) in Cybersecurity. Conduct thorough Threat Risk Assessments across applications, cloud infrastructure, and enterprise systems. Utilize structured methodologies (e.g., STRIDE) for Threat Modelling, integrating MITRE ATT&CK effectively. Lead and collaborate with multi-disciplinary teams to implement cyber security controls across various environments, including cloud and on-premises. Provide insights for configuring and improving security detection and response tools (e.g., SIEM, VA, NDR, XDR, EDR) for enhanced operational efficiency. Evaluate new technologies and validate their security through lab setups and proofs of concept (PoC). Draft and specify technical security clauses for project tenders. Analyze, document, and present security findings and recommendations to stakeholders. Work with governmental bodies to define security requirements and collaborate with industry partners to implement functional capabilities. Ensure compliance with secure software development lifecycle practices, maintaining high coding standards and delivering quality products. Qualifications: Minimum of 5 years of experience in the cybersecurity domain. Proven experience in managing, deploying, and maintaining security infrastructure. Ability to manage contractors and collaborate effectively with cross-functional teams. Experience in conducting comprehensive security assessments, including threat modelling, vulnerability assessments, and penetration testing. Up-to-date knowledge of cybersecurity tools, technologies, and standards (e.g., OWASP and MITRE ATT&CK). Strong communication and interpersonal skills. Self-motivated with logical and analytical thinking abilities.

About Crypto.com Security Crypto.com’s Security Team brings together cybersecurity professionals from around the world. The group leads efforts in security, privacy, and compliance, maintaining and surpassing industry standards. Team members hold international patents for innovative security technologies. The Chief Information Security Officer, recognized by the Forbes Technology Council and listed among the Global Top 100 CISOs, reports directly to the CEO, underscoring the importance of security throughout the company. Crypto.com has achieved certifications such as ISO27001, ISO27701, ISO22301, PCI:DSS 3.2.1 (Level 1), NIST Tier 4, SOC 2 Type II, and holds the MPI License from Singapore MAS. The team values practical experience, decisive action, and ongoing learning to keep pace with the fast-evolving cryptocurrency landscape. Role Overview: Mid-Level IAM Engineer This position is based in Singapore. The Mid-Level IAM Engineer will join the Identity Security Team, focusing on Agentic AI management in a cloud-native setting. The role centers on designing and managing a secure identity ecosystem for both human and non-human identities. What You Will Do Design and manage identity solutions across human and non-human identities in a cloud-native environment Act as a technical owner for various Identity Management platforms Balance automation with strong security controls to protect Crypto.com’s operations Apply modern tools and AI-driven workflows to improve efficiency and scale security practices What We Value Technical expertise in identity and access management Experience with cloud-native environments Ability to adapt quickly to new challenges in the cryptocurrency sector Commitment to continuous learning and practical problem-solving Learn more about us at Crypto.com.

Assurity Trusted Solutions (ATS), a proud subsidiary of the Government Technology Agency (GovTech), is at the forefront of providing a robust suite of cybersecurity products and services. With over a decade of experience, ATS collaborates with GovTech, various government agencies, and commercial partners to enhance security frameworks and mitigate cyber risks in an evolving digital landscape. Our commitment to trust and collaboration drives unparalleled business outcomes.Key Responsibilities:Lead the Security Orchestration, Automation, and Response (SOAR) processes to streamline cybersecurity operations and enhance incident response efficiency.Design and implement automated workflows to minimize manual cybersecurity tasks.Develop and maintain automation scripts and playbooks to facilitate operations, including reporting, monitoring, and incident response.Establish and uphold development standards for playbooks, including naming conventions, parameterization, and logging protocols.Optimize existing sub-playbooks for improved performance, error handling, and flexibility.Refactor legacy playbooks to promote reusability and consistency.Oversee integration of the SOAR platform with third-party applications and systems to align with operational workflows.Conduct thorough testing and validation of playbooks to ensure robustness in automated workflows and integration code.Implement and manage automation technologies within existing security frameworks.Collaborate effectively with cross-functional teams to ensure the successful integration of security automation initiatives.Engage with third-party system administrators or vendors to resolve integration and data flow challenges.Define and execute interface testing scenarios to validate successful integration.Monitor automation performance, identifying and addressing bottlenecks or failure points.Document workflows, decision-making logic, sub-playbook dependencies, and version changes comprehensively.Stay abreast of emerging security threats and technologies to propose innovative automated solutions.Provide training and support to team members on automated security processes and tools.

Join our innovative Cybersecurity (Software Systems) product group as a Software Engineer. In this pivotal role, you will design, develop, and implement cutting-edge software solutions to protect our nation's cybersecurity infrastructure. Collaborating closely with a talented team, you will identify project requirements, prioritize tasks, and ensure our products effectively meet the needs of stakeholders and operational users. Your contributions will play a vital role in enhancing national security.

Join Assurity Trusted Solutions (ATS), a leading subsidiary of the Government Technology Agency (GovTech), as we navigate the evolving digital and cyber landscape. For over a decade, ATS has been a trusted partner, delivering a robust range of products and services including infrastructure and operational services, authentication solutions, governance and assurance services, and managed processes. We collaborate with GovTech, various government agencies, and commercial partners to enhance security postures and mitigate cyber risks, striving for mutually beneficial outcomes in a world where trust and collaboration are paramount.We are actively seeking a skilled Cybersecurity Engineer specializing in Digital Forensics and Incident Response to join our dynamic team.Key Responsibilities:Lead incident response initiatives through every phase of an incident:Conduct thorough triage and investigations of suspected cybersecurity incidents to ascertain scope and severity.Develop and implement effective containment strategies.Carry out comprehensive investigations and root cause analyses to pinpoint attack vectors, tactics, and impacts.Perform digital forensic acquisitions and analyses of artifacts from diverse sources, including:Endpoint systems and serversNetwork devices and logsCloud environmentsMobile devices and storage mediaMaintain transparent communication with stakeholders throughout the incident lifecycle and prepare detailed post-incident reports with preventive recommendations.Offer expert insights for automating Security Operations (e.g., implementing SOAR playbooks).Develop and test incident response playbooks and processes.Stay informed of the cybersecurity landscape and emerging threat actor TTPs.

Join Assurity Trusted Solutions (ATS), a proud subsidiary of the Government Technology Agency (GovTech), where we have been a trusted partner for over a decade. Our mission is to provide an extensive range of products and services, including infrastructure and operational services, authentication services, as well as governance and assurance services. In a rapidly evolving digital landscape, we are committed to fostering trust and collaboration with GovTech, government agencies, and commercial partners to effectively mitigate cyber risks and enhance security postures.We are seeking a passionate and experienced Senior Cybersecurity Engineer, specializing in Endpoint Protection and Endpoint Detection and Response, to join our dynamic team!Your Key Responsibilities: Lead the implementation of enterprise security infrastructures, focusing on Endpoint Protection (EPP) and Endpoint Detection and Response (EDR), which includes contractor management, design validation, and test acceptance. Develop and maintain comprehensive security policies for EPP and EDR to monitor compliance and detect potential security threats. Engage with stakeholders to translate business, technology, and security requirements into actionable roadmaps for EPP/EDR enhancements and rollouts. Oversee ongoing maintenance of enterprise security infrastructures to ensure service and security posture reliability. Provide consultancy for threat and risk assessments throughout the system lifecycle, from implementation through to maintenance. Establish and maintain disaster recovery procedures, and conduct security breach drills. Assist in managing security incidents, focusing on containment and recovery processes. Plan and participate in security operations to ensure adherence to defined information security policies and standards, while adapting to evolving security threats.

Assurity Trusted Solutions (ATS), a subsidiary of the Government Technology Agency (GovTech), has been a reputable partner in the cybersecurity domain for over a decade. We provide an extensive range of services including infrastructure management, operational services, governance, assurance, and managed processes. In an ever-evolving digital landscape where trust and collaboration are paramount, ATS is committed to fostering secure environments through partnerships with GovTech, government agencies, and commercial stakeholders, effectively mitigating cyber risks and enhancing security frameworks.Key Responsibilities:GRC Leadership & Second Line of DefenceLead the governance of risk and compliance (GRC) within our team, shaping our approach to managing risks across various products and platforms.Function as the second line of defence for ICT risk and controls, providing an independent review of risk management, control design, and their effectiveness.Collaborate closely with the Product team to incorporate practical security measures and compliance protocols into daily operations.Security Plan Governance and AutomationOversee the governance and standards for Security Plan submissions across CIOO and product teams, ensuring templates, minimum evidence expectations, and quality benchmarks are maintained.Evaluate Security Plans and supporting documentation, assess control coverage and implementation maturity, and recommend approvals to stakeholders.Implement automation as an ongoing audit mechanism:Work with product and platform teams to establish automated checks for Security Plan evidence.Utilize automated checks to identify gaps, anomalies, and missing evidence, driving remediation efforts with product teams.Monitor and report on KPIs related to Security Plans, including control coverage, consistency, cycle times, and defect rates across CIOO and product teams.ICT Audit and Evidence ManagementDevelop, implement, and manage workflows for ICT audit, risk management, and findings reporting.Organize and maintain documentation and knowledge repositories as the definitive source for:ICT audit plans, scopes, and proceduresControl descriptions and standard evidence templatesCentralized repositories of audit evidence and Security Plan materialsPlan and conduct thematic and product-level ICT audits under the CISO’s guidance, independently verifying:Completion of required tasksReliability and sufficiency of evidence provided by product teams

Adventus is a leading Information and Communications Technology (ICT) Solutions and Services Provider with a significant global presence.Our mission is to empower organizations to drive transformative change by utilizing intelligent applications of innovative solutions and essential services, enabling them to excel in an increasingly competitive marketplace.With a robust network of technology partners, unparalleled domain expertise, and a unique value proposition, we consistently strive to exceed our customers' expectations.

Job Summary: Join us as a Trend Micro Engineer, where you will be instrumental in enhancing our IT security framework and operational efficiency. Your expertise will focus on utilizing the comprehensive suite of Trend Micro products, including Apex One, IMSVA, IWSVA, Server Protect, Email Security, and Cloud App Security, while integrating them with Microsoft Deployment Toolkit (MDT). By leveraging Trend Micro DDAN, Control Manager, and Apex Central, you will ensure robust threat intelligence and centralized management, thereby guaranteeing the secure, reliable, and optimized performance of our clients' IT infrastructure post-implementation.Key Responsibilities:Product Expertise and Deployment:Serve as the resident expert on Trend Micro and MDT products.Deploy, configure, and manage Trend Micro solutions to enhance IT operations.Continuous Monitoring and Maintenance:Utilize Control Manager and Apex Central for ongoing operational monitoring.Conduct routine maintenance, updates, and patches to address vulnerabilities.Incident Response and Problem Solving:Lead responses to cybersecurity threats and technical challenges using Trend Micro DDAN.Deliver immediate resolutions to minimize disruptions and boost operational efficiency.Security Policies and Compliance Management:Devise and implement stringent security protocols across all IT systems.Ensure compliance with regulatory standards and internal policies, using Trend Micro solutions for data protection and threat prevention.Reporting and Data Analysis:Create detailed reports on security incidents, system performance, and compliance status.Provide actionable insights and recommendations to optimize systems and mitigate risks.Collaboration and Training:Work closely with IT teams and various departments to promote secure and efficient operations.Facilitate training sessions on Trend Micro product functionalities, cybersecurity best practices, and effective system utilization.

As a wholly owned subsidiary of the Government Technology Agency (GovTech), Assurity Trusted Solutions (ATS) has established itself as a leading Trusted Partner over the past decade. We provide an extensive range of products and services, including infrastructure and operational services, governance and assurance services, along with managed processes. In today's fast-evolving digital and cyber landscape, where trust and collaboration are paramount, ATS is dedicated to fostering mutually advantageous business outcomes by working closely with GovTech, government agencies, and commercial partners to mitigate cyber risks and enhance security frameworks.We are seeking a skilled AI Engineer to develop agentic AI systems for various cybersecurity applications. This role integrates large language models (LLMs) with robust AI/ML foundations, including data pipelines, classical machine learning where applicable, thorough evaluations, and essential safety measures. The position is a direct contract with us until March 31, 2027, with the possibility of extension based on performance.Key Responsibilities:Design, develop, and deploy agentic AI functionalities such as planning/execution loops, tool utilization/function calling, and multi-step workflows aimed at security applications like vulnerability triage, assistive exploit reproduction, and incident-response support.Implement and strengthen retrieval-augmented generation (RAG) techniques, encompassing indexing, chunking, routing, re-ranking, feedback loops, and data governance tailored for sensitive environments.Establish evaluation and observability frameworks for LLM/agent workflows, including tracing, cost/latency/quality dashboards, and both offline and online evaluations to facilitate product enhancements.Develop safety measures and guardrails including content policies, schema/output validation, PII redaction, prompt-injection defenses, and controlled tool permissions, while monitoring these mechanisms in production environments.Utilize traditional machine learning techniques for tasks like classification, regression, and anomaly detection when advantageous; conduct A/B testing and error analysis to identify the optimal approach.Take ownership of productionization processes, including CI/CD for AI applications, containerization, scalable inference endpoints, vector/search infrastructure, and operational runbooks with established service-level objectives (SLOs) for reliability.Collaborate effectively with product and security teams to define challenges, produce concise design documentation, and rapidly iterate while adhering to security and privacy standards.Carry out other assigned tasks as necessary; responsibilities may evolve with the product requirements.

Assurity Trusted Solutions (ATS), a proud subsidiary of the Government Technology Agency (GovTech), has established itself as a leading provider of comprehensive cybersecurity solutions over the last decade. We deliver a wide array of services that include infrastructure management, operational support, authentication services, governance, and assurance. In an ever-evolving digital landscape, where trust and collaboration are paramount, ATS collaborates closely with GovTech, various government agencies, and private sector partners to effectively mitigate cyber risks and enhance security frameworks. As an Offensive Cybersecurity Engineer, you will be pivotal in executing collaborative security testing engagements, and you may also undertake independent projects that focus on security assessments. Job Summary:Conduct thorough Vulnerability Assessment and Penetration Testing (VAPT) across various systems, networks, and applications, catering to both small-to-medium enterprises (SME) and large-scale enterprise environments.Perform detailed source code and host configuration reviews to ensure compliance with industry best practices and security standards.Generate detailed technical documentation that outlines identified vulnerabilities, impact assessments, risk evaluations, and actionable remediation strategies.Stay updated on the latest threat landscapes, emerging vulnerabilities, and industry trends to continually enhance the organization’s VAPT capabilities.Provide expert cybersecurity consultancy, offering strategic recommendations to improve customers’ overall security posture.Assist in the development of technical methodologies and standards to uphold excellence within the VAPT delivery teams.

Join Accion Labs, a leading technology solutions provider, as we seek talented professionals to elevate our team. This mid-senior level position offers an opportunity to work on innovative projects in a dynamic environment. If you are passionate about technology and eager to make an impact, we want to hear from you!

Role overview Sopra Steria seeks a Cybersecurity Consultant based in Singapore. The role centers on supporting clients as they improve their digital security posture. Consultants assess client environments and deliver solutions that protect data and networks from current and emerging threats. Key responsibilities Engage with clients to identify and analyze their cybersecurity needs Develop and apply security measures tailored to each client’s situation Participate in projects focused on enhancing digital protection and managing new risks Help advance the team’s cybersecurity practices through ongoing contributions

About UsFounded in 1995 in the vibrant city of Singapore, Xcellink exemplifies the attributes of our homeland: process-driven, productivity-oriented, and results-focused. As a leading professional services firm, we take pride in our commitment to integrity, teamwork, resilience, and robust partnerships. With a diverse and multicultural talent pool, we have dedicated over two decades to excel in IT-centric recruitment solutions and Enterprise ICT Operations management, establishing ourselves as a reputable vendor partner for rapidly growing global firms, established local businesses, and government-linked corporations.Join Our SparX Traineeship ProgramAre you an aspiring IT professional or a career changer eager to dive into the expanding world of cybersecurity? Enroll in our SparX Traineeship Program – "Strengthening Potential, Accelerating Readiness" to acquire essential cybersecurity skills and gain invaluable real-world experience.This program is meticulously crafted to upskill and reskill individuals into Cybersecurity Engineers and Analysts through comprehensive training and practical client engagements.Program Overview:Intensive TrainingThe program kicks off with a fully sponsored, rigorous 1-week full-time training in cybersecurity fundamentals, encompassing crucial topics such as:Security Monitoring & Threat Detection – Utilizing SIEM tools, recognizing anomalies, and comprehending cyber threats.Incident Response & Forensic Analysis – Managing security breaches, investigating incidents, and escalating threats.Vulnerability Assessment & Penetration Testing – Detecting security vulnerabilities in networks and applications.Compliance & Risk Management – Aligning cybersecurity frameworks with ISO 27001, NIST, and other regulatory standards.Trainees will benefit from mentorship by seasoned cybersecurity experts and work in a live security operations environment.Client Attachment & Practical ExperiencePost-training, participants will embark on a 12-month client attachment initiative, acquiring hands-on experience in cybersecurity operations, which includes:Monitoring security events and probing threats.Executing security assessments and penetration testing.Assisting in compliance audits and security risk evaluations.Collaborating with cybersecurity engineers on various security projects.Those who excel may be offered full-time positions within our client organizations.Cybersecurity Roles & TracksWe present various tracks tailored to your experience level and career goals:Cybersecurity Analyst (Associate I) – Ideal for IT professionals or mid-career changers...

We are seeking a skilled Level 2 Network Firewall Engineer to play a pivotal role in managing and supporting the firewall and broader network infrastructure within public healthcare environments. This position entails collaboration with Level 1 engineers and other Level 2/3 teams to ensure secure, stable, and efficient network operations across various locations.Key Responsibilities:Deliver Level 2 support for firewall and intrusion prevention systems (IPS), including setup, rule management, monitoring, and troubleshooting.Work in unison with cross-functional teams to manage network and security devices deployed across multiple healthcare campuses.Maintain and optimize firewall configurations and policies in accordance with security standards.Respond to security incidents in partnership with the security operations team, conducting root cause analysis and remediation.Support core network infrastructure, including routers, switches, and wireless controllers.Engage in change management processes and assist in root cause analysis for network or security-related issues.Ensure compliance with SLAs and contribute to regular performance and incident reporting using ITSM/ITOM tools.Take part in capacity planning and system optimization efforts for firewall and network components.Maintain comprehensive documentation for configurations, troubleshooting procedures, and network policies.