
Head of Vulnerability Assessment


Job Summary

  • Singapore
  • Permanent
  • BBBH796536
  • Oct 20, 2021
  • Competitive
Job Description

Our client in Financial Services is seeking to build a vulnerability management services (VMS) team in Singapore.

We are currently seeking a Head of Vulnerability Management with strong experience in building and growing a VMS team. The key responsibilities include driving and leading the team in designing, developing, deploying, maintaining and enhancing the vulnerability management capabilities.


  • Provide leadership to a highly talented and motivated group of security professionals.

  • Establish cross functional partnerships with product teams to implement security testing modalities (SAST, DAST, SCA) early in the SDLC, increase adoption of reusable security architectures/patterns, and improve overall development throughout the different Secure SDLC processes.

  • Research technical security issues, create proof of concepts, calculate risk, and responsibly disclose issues to vendors and clients.

  • Present highly technical results and strategy to senior management and C-level executives.

  • Interface with application security and infrastructure defense efforts to influence future strategy based on observed trends.

  • Implement and oversee a Coordinated Vulnerability Disclosure program as a bug bounty process to encourage security researchers to research and responsibly disclose security vulnerabilities.

  • Interface with regulators in discussions around penetration testing, application security, threat modeling, and security architecture.


  • 10+ years of demonstrated experience leading teams to achieve business objectives, cultivating talent, building cross-functional teams.

  • Knowledge of and experience operating the industry's top application security testing tooling (SAST, DAST, IAST), penetration testing, and exploit research and development.

  • Ability to assess complex architectures that extend beyond on-prem infrastructures to the Cloud or external partners.

  • Ability to lead, influence and collaborate with remote team members; proven delivery and remediation background.

  • Understanding of security operations concepts, vulnerability management and compliance remediation within a complex organization.

  • Understanding of the security threat environment relative to network architectures, designs, topologies, applications, databases, etc.

  • Knowledge of the cyber kill chain/MITRE ATT&CK framework.

    If you are interested to apply, feel free to write to Pam Lim at

    Referrals are also welcome


    EA Licence No: 11C5502

    Registration No: R1106192

    License Name: Lim Sook Fern

    Only shortlisted candidates will be responded to. If you do not receive a response within 14 days, please accept this as notification that you have not been shortlisted.