On site
Contract
The company is seeking an experienced Application Security & Vulnerability Assessment Consultant to evaluate and enhance the security of enterprise applications and infrastructure across cloud, containerized, and on-premise environments. The role involves conducting security testing, vulnerability management, security audits, and risk analysis. Candidates should have strong expertise in application security testing and vulnerability management. The position offers a salary of 14,000.
This summary is AI-generated and may contain inaccuracies. Please refer to the full job description below.
[This job id 14974 first appeared in Job-Q.com on 17 Jun 2026]
We are seeking an experienced Application Security & Vulnerability Assessment Consultant to evaluate, validate, and strengthen the security posture of enterprise applications and supporting infrastructure. This role combines application security assurance, vulnerability assessment, security auditing, and risk analysis responsibilities across modern cloud, containerized, and on-premise environments.
The ideal candidate will possess strong expertise in application security testing, vulnerability management, secure development practices, infrastructure security assessments, and security governance. The role will work closely with development, DevSecOps, infrastructure, and security teams to ensure security risks are identified, assessed, and effectively remediated.
Review and validate findings from Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools.
Assess application vulnerabilities and security risks, ensuring appropriate remediation actions are implemented.
Evaluate adherence to secure coding standards, application security policies, and secure software development practices.
Audit operating systems, databases, containers, APIs, web applications, and supporting infrastructure for vulnerabilities and security misconfigurations.
Assess the effectiveness of security hardening measures across servers, applications, databases, containers, cloud platforms, and middleware components.
Perform vulnerability assessments across infrastructure, cloud, and containerized environments.
Conduct host-level vulnerability scanning and validate scan results for accuracy, completeness, and relevance.
Perform container image and runtime security assessments across development and production environments.
Analyze and validate Common Vulnerabilities and Exposures (CVEs) by assessing severity, exploitability, business impact, and environmental risk.
Identify false positives and provide technical justification where applicable.
Correlate security findings with asset criticality, business context, and regulatory requirements.
Provide risk-based recommendations and remediation prioritization based on exposure and business impact.
Work closely with development, infrastructure, cloud, and DevSecOps teams to drive remediation activities.
Produce detailed security assessment and vulnerability assessment reports, including findings, risk ratings, remediation recommendations, and tracking status.
Maintain vulnerability tracking and support re-validation activities following remediation.
Support internal and external security audits related to application and infrastructure security.
Monitor emerging threats, vulnerabilities, attack techniques, and industry security trends.
Contribute to the continuous improvement of application security, vulnerability management, and security governance processes.
Bachelor's Degree in Computer Science, Cybersecurity, Information Security, or a related discipline.
Minimum 4 years of experience in Application Security, Vulnerability Management, Security Assessment, Security Auditing, or Secure Software Development.
Hands-on experience with security testing and assessment tools such as SonarQube, Fortify SAST/DAST, Burp Suite, OWASP ZAP, Nessus, Qualys, Rapid7, or equivalent solutions.
Strong understanding of OWASP Top 10, secure coding principles, and application security testing methodologies.
Experience performing vulnerability assessments, vulnerability analysis, and remediation validation.
Strong understanding of CVE analysis, CVSS scoring, exploitability assessment, and risk prioritization.
Knowledge of secure Software Development Lifecycle (SDLC) and CI/CD security practices.
Familiarity with container technologies such as Docker and Kubernetes.
Experience working with cloud platforms including AWS, Microsoft Azure, or Google Cloud Platform (GCP).
Understanding of web application security, API security, authentication mechanisms, and infrastructure security controls.
Strong technical report-writing, documentation, and stakeholder communication skills.
Experience working within Agile, DevOps, or DevSecOps environments.
Experience supporting enterprise-scale application security and vulnerability management programs.
Knowledge of cloud security architecture and container security best practices.
Familiarity with Infrastructure as Code (IaC) security reviews and security automation practices.
Experience with security governance, risk management, and compliance frameworks.
Exposure to penetration testing methodologies and security assessment engagements.
CREST Certified Pen Tester or equivalent security assessment certification.
CISSP (Certified Information Systems Security Professional) or CCSP (Certified Cloud Security Professional).
AWS Certified DevSecOps Engineer – Professional, AWS Security Specialty, or equivalent cloud security certification is highly desirable.
Strong analytical and investigative mindset with attention to detail.
Ability to assess technical risks and prioritize remediation effectively.
Excellent troubleshooting and problem-solving capabilities.
Strong communication and stakeholder engagement skills.
Ability to interpret technical findings and communicate risks to both technical and non-technical audiences.
Knowledge of security and compliance frameworks such as ISO 27001, PCI-DSS, GDPR, and industry best practices.
Ability to work independently and collaboratively within cross-functional teams.
Interested applicants may send their CV directly to shyam@aryan-solutions.com for consideration.
Scam prevention reminder: You should not make any pre-payment when applying for any job.
Illegal practices reminder: It is illegal for a recruiter to collect payment (kickback) from the worker. See https://www.mom.gov.sg/-/media/mom/documents/publications/foreign-workers/what-are-kickbacks.pdf