As a Consultant/ Senior Consultant in Attack Simulation Group, you required to perform vulnerability assessment, penetration testing (Application and Infrastructure), as well as adversarial attack simulation (Red Teaming or Purple Teaming) activities on Enterprise and CII systems (Operational Technology & Telecommunications). You will also be given the opportunity to do research and attend trainings to ensure that your skills remain relevant.

Responsibilities • Understanding of Penetration Testing Methodologies and the MITRE ATT&CK/FiGHT Framework • Ability to automate tasks by writing basic scripts/programs. • Basic hands-on experience with at least deploying cloud or on-prem infrastructure to facilitate the execution of red team exercises.

Requirements • Relevant qualifications in Cyber/Info Security or Computer Science/Engineering • At least 5- 8 years of relevant working experience • At least two years of experience in o Enterprise and Cloud attack simulation, and/or o OT engineering, operations, cybersecurity, and/or o Telecommunications engineering, operations, cybersecurity • CRT/OSCP or equivalent certifications in attack simulation is preferred, CCT/CCSAS/CCSAM is desirable. • Passionate about cybersecurity, technically hands-on, willing to learn, and curious about the inner workings of Enterprise/OT/Telecommunications technologies and exploiting their vulnerabilities. • Excellent analytical, conceptualisation and problem-solving skills • Strong communications and interpersonal skills to collaborate with multiple stakeholders. • Familiarity with security principles, policies, standards, and industry best practices If you share our passion to make a difference in the cyber security landscape, take up the challenge and apply now. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting. For any issues with the application, you may drop your resume with us at csa_recruit@csa.gov.sg. Note: CSA will be shifting to Punggol Digital District (PDD) in year 2026.

About the Cyber Security Agency of Singapore Established in 2015, the Cyber Security Agency of Singapore (CSA) seeks to keep Singapore’s cyberspace safe and secure to underpin our Nation Security, power a Digital Economy and protect our Digital Way of Life. It maintains an oversight of national cybersecurity functions and works with sector leads to protect Singapore’s Critical Information Infrastructure. CSA also engages with various stakeholders to heighten cyber security awareness, build a vibrant cybersecurity ecosystem supported by a robust workforce, pursue international partnerships and drive regional cybersecurity capacity building programmes. CSA is part of the Prime Minister’s Office and is managed by the Ministry of Digital Development and Information. For more news and information, please visit www.csa.gov.sg