Search Results

Vulnerability Triage Specialist / Senior Vulnerability Triage Specialist

Careers@Gov
Agency: Government Technology Agency
Job no.: 532334
Work type: Permanent/Contract
Location: Singapore
Categories:InfoComm, Technology, New Media Communications

The Government Technology Agency (GovTech) aims to transform the delivery of Government digital services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do. We also develop the Smart Nation infrastructure and applications, and facilitate collaboration with citizens and businesses to co-develop technologies.

Join us as we support Singapore’s vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering.

Vulnerability Triage Specialist supports crowdsourced Vulnerability Disclosure Programmes by the Singapore Government. E.g. Bug bounty programmes. The Vulnerability Triage Specialist will be responsible for taking in vulnerability reports from various channels to verify their potential impact and assess their severity. Once a vulnerability is assessed, the Vulnerability Triage Specialist is expected to work with affected parties to get vulnerabilities fixed or mitigated.

What to Expect:

  • Assist in establishing the full impact of reported vulnerabilities for further reporting and draw insights on possible lapses in the software development lifecycle
  • Provide an independent analysis by replicating attacks to verify vulnerability reports and determine a severity score based on CVSS v3.0
  • Engage and advise vendors and/or internal developers solutions to the issues; balancing cost, time, and risk appetite
  • Ensure remediation and/or patching is done in a timely manner, within the committed contractual SLA of the vendor or remediation team

How to Succeed:

  • Diploma or Bachelor’s degree in Computer Science or any other related field of study. e.g. Information systems or Information Security Management
  • At least two years’ experience in penetration testing or related work for web / and mobile platforms
  • Professional certifications such as GPEN, GMOB, GREM, OSCP, OSCE, CISSP are favoured
  • Team player and able to work with time constraints
  • Singapore Citizenship

Advertised:
Applications close:

Back to search results Apply now

Share this:

| More
Back To TopTOP