Security Consultant - CREST Certified, Singapore

Role: Security Consultant - CREST Certified
JD: Core Responsibilities & Technical Requirements . Strong hands-on experience performing compliance testing of mobile applications that meet certain Technology Security Standards and regulatory/industries requirements, eg MAS TRM, OWASP MSTG . In-depth knowledge of iOS/android architecture, including their underlying security mechanisms . Experienced with performing secure code review of Swift / Kotlin/Objective-C and Java applications. . Proficient with various reverse engineering tools such as IDA Pro, Ghidra, as well as Frida.re hooking framework or equivalent. . Knowledge of RM architectures (armeabi-v7a, arm64-v8a, etc) an advantage. . Experience analyzing and bypassing various security mechanisms commonly present in mobile applications (SSL pinning, root/jailbreak detection, anti (tampering, in-app VPN, etc). . Ability to develop BURP extensions to aid with mobile and web application tests. . Solid experience conducting Web Application Penetration tests following industry standards methodologies. . Ability to conduct comprehensive source code reviews across multiple languages (mobile, web, backend). . Web & Infrastructure Security Testing Qualifications & Skills . Bachelor's degree in Computer Science, Information Security, or related discipline. . Minimum 2 years of hands-on penetration testing or relevant offensive security experience. . CREST CRT certification mandatory. . Additional certifications such as OSCP, OSCE, OSEE, OSWE, Red Teaming, Cloud Security, Artificial Intelligence security credentials are advantageous. . Excellent oral and written communication skills, including the ability to present technical findings. . Strong organizational and time management skills able to manage multiple engagements and meet tight deadlines. . Self-motivated, proactive and able to work independently or as part of a team.