SECURITY CONSULTANT (SOURCE CODE REVIEW) Professional Security Services / Singapore


  • Enhance customers' security network posture, controls, policies and processes by providing advisories and technical recommendations to customers
  • Prepare technical proposals, tender documentation, presentations, technical briefings, and conduct follow-up discussions and implementations
  • Primary roles
    • Perform secure code reviews according to the OWASP Top 10, both manual and automated, on the following languages: Java, J2EE, ASP, .NET, C, C++, Ruby, Python and PHP
    • Familiar with secure code review tools such as Checkmarx
  • Secondary roles
    • Perform vulnerability assessment and penetration testing in different environments like host, network, web, application, mobile, database, wireless, embedded device and SCADA
    • Conduct operational and security-related audits, risk assessments and process reviews to ensure compliance with industry-specific guidelines such as ISO/IEC 27001, COBIT, NIST, OWASP and/or OSSTMM
    • Attain required certifications and qualifications for personal growth and team achievement


  • Degree in IT or a computer-related or engineering field
  • At least 3 years' technical experience in infocomm security or forensics consulting
  • Technical, hands-on expertise in performing secure code reviews (i.e., Java, J2EE, ASP, .NET, C, C++, Ruby, Python and PHP), and manual and automated code reviews
  • Technical, hands-on expertise in system administration Microsoft LAN/WAN, Linux/*nix, mobile technologies, virtualisation, and strong knowledge of TCP/IP networks and other security technologies will be advantageous
  • Essential knowledge and familiarity with Linux CLI, a scripting language such as Python, Ruby and/or Perl, JavaScript, and MySQL will be advantageous
  • Familiarity with basic ANSI SQL and database environments will be advantageous
  • A team player who can perform under pressure and tight schedules
  • Excellent communication, presentation and writing skills
  • Preferably possess professional certifications in IT security or digital forensics, such as CCNA, CISSP, CSSLP, CISA, CISM, CRISC, OPST, ACE, EnCE, ISMS Lead Auditor and/or SANS series certifications (GSSP-JAVA, GWEB, GSSP-.NET, GCIA, GCIH, GPEN, GWAPT, GMOB, GREM, GXPN)
  • Traveling on overseas assignments is expected but will be kept to a minimum, with advance notice
© 2017 Quann