• Security Analyst, Penetration Tester

    Location SG-Singapore | SG-Singapore
    Job ID
    2018-10589
    # of Openings
    1
    Job Category
    Information Technology
  • Overview

    Other companies make products. We make a difference!  Click Here!

     

    Promoting safe living and working environments.

     

    Career_header_4

     

    Underwriter’s Laboratories (UL) is a safety-science company that – for the past 100+ years – has had a strong focus on home and workplace safety. The new UL Identity Management & Security division of UL extends this safety mission from ‘safety in the physical world’ to ‘security in digital the digital world’. UL Identity Management & Security focusses on securing large, mission critical digital transaction infrastructures such as payment networks, ticketing infrastructures, and mobile commerce environments.

     

    The UL Identity Management & Security team in Singapore serves to offer certification services for (new) cards, terminals and hosts in the payment industry. Since this market is moving and growing rapidly, UL Identity Management & Security – as a customer focused company – needs to constantly move along with and adapt to the market.

     

    Currently UL Identity Management & Security is hiring a Security Analyst, Penetration Tester for our office in Singapore. The successful candidate for this position will be responsible for hands-on penetration testing experience on infrastructure, network, web applications, mobile applications. This will include the analysis and knowledge experience of using a variety of penetration testing or threat modelling tools including open source and commercial. The position includes the representation of the company in industry forums and the management of complex projects. The Security Analyst should have an innovative approach experience in executing security assessments and penetration tests to highlight and clearly articulate risk to the business in terms they understand.

    Responsibilities

    • Support the Sales and Project Management team on evaluation scoping, resource requirements, certification body and customer expectations. 
    • Conduct end-to-end security testing with clients on infrastructure, network, web applications, mobile applications etc. This often requires traveling to customer premises 
    • Perform secure code review as per customer and industry best practices 
    • Use a variety of penetration testing or threat modelling tools including open source and commercial 
    • Create detailed technical reports of security tests in line with customer and certification scheme requirements 
    • Clearly articulate risk to the business in terms they understand 
    • Provide consultancy to remediate security gaps 
    • Develop sophisticated, state-of-the-art attacks with tools and scripts by maintaining a high level of expertise in the latest attack methods against embedded products 
    • Maintains/improves technical knowledge by attending educational workshops, reviewing professional publications, obtaining applicable certifications and participating in professional societies and cross-departmental task forces. 
    • Contribute to internal work processes by improving tools to evaluate efficiency, report writing and technical training. 

    Qualifications

     

    • Degree holder in Computer Security, Computer Science or equivalent discipline
    • At least 3 years’ hands-on penetration testing experience on infrastructure, network, web applications, mobile applications etc.
    • Experience in secure code review are highly desirable
    • Solid knowledge and experience of using a variety of penetration testing or threat modelling tools including open source and commercial
    • Relevant security certifications high desirable and outstanding organizational and data analytics skills
    • Experiencing in executing security assessments and penetration tests to highlight and clearly articulate risk to the business in terms they understand
    • Create detailed technical reports of security tests in line with customer and certification scheme requirements
    • Proven consultancy experience to remediate security gaps
    • Work independently, to be innovative and creative.
    • Able to demonstrate aptitude and a strong potential to learn quickly.
    • Enjoys working in a team and has the ability to engage their colleagues. 

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.