JOB DESCRIPTION

The successful incumbent will be part of the Information Security Department within the Information Technology Division.

REQUIREMENTS

• Bachelor’s degree
• At least 6 years of experience in the IT industry, with a minimum of 4 years in vulnerability management or a similar role.
• Strong understanding of common vulnerabilities and remediation techniques (e.g. OWASP Top 10).
• Experience with attack simulation, penetration testing, red teaming or other offensive security testing.
• Skilled in conducting root cause analysis for vulnerabilities and determining appropriate technical solutions.
• Proficient in handling large datasets and performing detailed vulnerability analysis.
• Detail-oriented with excellent analytical and written communication skills.
• Ability to clearly communicate security and risk-related concepts to both technical and non-technical audiences.
• Capable of working independently as well as in a collaborative, team-oriented environment.
• Preferred candidates with certifications such as OSCP, OSCE, GPEN, GWAPT, GXPN or equivalent
  We thank all candidates for your interest in Singapore Airlines, and regret that only shortlisted candidates will be notified

• Assess and analyse vulnerability reports from security researchers, vendors, and tools to understand their implications on our environment.
• Oversee vulnerabilities related to attack surfaces, ensuring they are promptly mitigated.
• Perform internal vulnerability assessments and penetration testing while ensuring the remediation progress of identified issues.
• Offer expert advice and recommendations to different teams on how to remediate vulnerabilities effectively.
• Supports SIA’s red teaming, penetrating testing and bug bounty initiatives.
• Keep updated with the latest in cyber threats, vulnerabilities, attack methods, and threat intelligence; evaluate their impact on the SIA network and systems, and initiate threat mitigation actions and advisories.
• Develop automated solutions to contextualise data sets and vulnerability reports, yielding actionable insights.
• Remain informed about current and emerging security solutions and improvements, proposing initiatives to fill gaps or bolster the overall SIA security posture.