Logo, Symbol, Trademark, Plant, Texture

Senior Penetration Testing Engineer

Singapore

R-1445

Senior Penetration Testing Engineer

  • Singapore
  • Full Time

At Klook, we love creating moments of joy. Our platform connects people around the world with experiences that bring a smile to their faces, at a touch of a button. We are a global team of diverse Klookers who push boundaries every day, learn fast with feedback and take ownership to drive the change we want to see. Together, we help each other make the world a more joyful place. Up for the challenge? Join us today!

About this role

This role supports Klook in securing our web and mobile applications as well as API interfaces by conducting penetration testing. This individual will be part of the application security team in Singapore, reporting to our Security Lead. Our ideal candidate should be a self-motivated team player with strong analytical skills and detail-orientedness.

About Technology & Engineering

In a fast-growing industry like ours, we can’t afford to stand still. At Technology & Engineering, we constantly test and improve our products to create the best experience in the travel and leisure industry. The team hires curious and analytical people who are always to push boundaries and have real impact.

​​

What you’ll do

  • Responsible for conducting penetration testing on web applications, mobile app (iOS, Android) and API interfaces

  • Experienced in industry frameworks OWASP, Mitre CAPEC, WASC, CWE of vulnerabilities, attack scenarios, exploitability, detectability and remediation advisory.

  • Responsible for conducting security testing on application security risks such as injection, broken authentication or access control, sensitive data exposure, cross-site scripting and deserialization.

  • Responsible for conducting security testing on bypassing business logic such as data validation, forged requests, process timing, rate-limiting, workflow circumvention and unexpected file uploads.

  • Responsible for conducting security testing on automated attack scenarios such as account enumeration, skewing, scraping, scalping, denial of inventory, expediting and carding.

  • Responsible for conducting email phishing exercises and scheduling recurring playbooks by designing specific scenario type, email contents, recipient groups, education and followed by tracking and monitoring of reporting and analytics.

  • Responsible for identifying new or emerging security attacks or techniques, while keeping aware of the current threat landscape and continuously updating with the evolving technology.

What you’ll need

  • Minimum of 2 years’ professional experience in penetration testing. Advantageous to have experience in e-commerce or technology related industry

  • Knowledgeable with penetration testing tools for information gathering, testing, scanner, fuzzers, sweeping, exploiter such as Kali, Metasploit, Nmap, Wireshark, Burp Suite , OSINT, Aircrack

  • Understanding of basic programming languages such as python, C/C++ and scripting skills such as shellcode, bash, regex, and mobile languages in iOS and Android

  • Familiar with cloud environment, cloud computing services and virtualization technologies.

  • OSCP, CREST CRT or equivalence certifications

  • Possess strong analytical skills, self-motivated, detail oriented and team player. Able to collaborate effectively across among a geographically distributed team

  • Able to converse in both English and Chinese ( to liaise with teams in China )

  • Fully vaccinated from COVID-19

What you’ll get

  • An awesome team of international colleagues 

  • A rare chance to build a global travel and leisure brand with a loooong runway of opportunities ahead

  • An environment that values and supports your growth 

  • Ownership of projects with real impact

  • No boredom! Every day is a new exciting challenge

Klook is proud to be an equal opportunity employer. We hire talented and passionate people of all backgrounds. We believe that a joyful workplace is an inclusive workplace, one where employees from all walks of life have an equal opportunity to thrive. We’re dedicated to creating a welcoming and supportive culture where everyone belongs.

Klook does not accept unsolicited resumes from any temporary staffing agency, placement service or professional recruiter (“Agency”). Klook will not be responsible for, and will not pay, any fees, commissions or other payments related to such unsolicited resumes.

An Agency must obtain advance written approval from Klook’s Talent Acquisition Team to submit resumes, and then only in conjunction with a valid fully-executed agreement for service and in response to a specific job opening for which the Agency has been requested to submit resumes for. Klook will not be responsible for, and will not pay, any fees, commissions or other payments to any Agency that does not have such agreement in place or does not comply with the foregoing.

Apply Now

Sign in with LinkedIn
Autofill my information with LinkedIn
Alert me about jobs like this

Not You?

We have emailed you a code to verify your identity

Hold on, you're being redirected to the application form.

Related Jobs

Operation Associate, Events R-1699 Taipei Taipei Sales & Business Development At Klook, we love creating moments of joy. Our platform connects people around the world with experiences that bring a smile to their faces, at a touch of a button. We are a global team of diverse Klookers who push boundaries every day, learn fast...
Business Development Consultant, Spa and Beauty (Contractor) R-1555 Hong Kong SAR Hong Kong SAR Sales & Business Development At Klook, we love creating moments of joy. Our platform connects people around the world with experiences that bring a smile to their faces, at a touch of a button. We are a global team of diverse Klookers who push boundaries every day, learn fast...
QA Manager - Customer Service R-1565 Taipei Taipei Customer Experience At Klook, we love creating moments of joy. Our platform connects people around the world with experiences that bring a smile to their faces, at a touch of a button. We are a global team of diverse Klookers who push boundaries every day, learn fast...
QA Manager - Customer Service R-1565 Kuala Lumpur Kuala Lumpur Customer Experience At Klook, we love creating moments of joy. Our platform connects people around the world with experiences that bring a smile to their faces, at a touch of a button. We are a global team of diverse Klookers who push boundaries every day, learn fast...
Associate Director, Business Development R-1453 Hong Kong SAR Hong Kong SAR Sales & Business Development At Klook, we love creating moments of joy. Our platform connects people around the world with experiences that bring a smile to their faces, at a touch of a button. We are a global team of diverse Klookers who push boundaries every day, learn fast...
Senior PR Associate R-1496 Manila Manila Marketing At Klook, we love creating moments of joy. Our platform connects people around the world with experiences that bring a smile to their faces, at a touch of a button. We are a global team of diverse Klookers who push boundaries every day, learn fast...

Apply Now

Sign in with LinkedIn
Autofill my information with LinkedIn
Alert me about jobs like this

Not You?

We have emailed you a code to verify your identity

Hold on, you're being redirected to the application form.