FPT Asia Pacific logo
2 days ago
Full-time
On-site
Singapore, Singapore
IT

Overview

  • In this role, you will help ensure that vulnerabilities and exposures across our environment are identified, validated, and remediated in a timely manner. You will work closely with system owners and report findings, helping to keep our risk posture visible and well-managed.

Job Scope

  • Monitor and triage findings surfaced by our Attack Surface Management (ASM) and Vulnerability Management tools
  • Assess each finding for validity, severity, and exploitability before escalating or acting on it
  • Distinguish genuine exposures from false positives and contextualise findings against our asset inventory
  • Prioritise remediation efforts based on risk
  • Work with system owners to follow up on outstanding findings
  • Track remediation progress and ensure findings are resolved in a timely manner
  • Manage exceptions and risk acceptance where remediation is not immediately feasible
  • Communicate clearly with non-technical stakeholders, translating technical findings into actionable guidance
  • Consolidate vulnerability data and remediation metrics for reporting
  • Identify trends and surface systemic issues across the organisation's attack surface and internal asset landscape
  • Provide recommendations to improve our overall exposure management programme
  • Contribute to the refinement of ASM and vulnerability management processes, tooling configurations, and escalation playbooks over time
  • Support the development and maintenance of vulnerability management policies, standards, and procedures in alignment with industry best practices

Requirements

  • Bachelor's Degree in Computer Science/Information Security or equivalent
  • Professional certifications, including GWEB, OSCP, CRISC, CISA or other relevant certifications will be preferred
  • Preferably 5 years of experience in a relevant cybersecurity function, such as vulnerability management, attack surface management, security operations, or IT risk
  • Strong understanding of cybersecurity concepts, particularly around vulnerability management, patch management, common vulnerability scoring frameworks (eg CVSS), and external-facing attack surface risks
  • Familiarity with ASM or vulnerability management tools (such as Tenable, Qualys, Censys, or similar)
  • Proficiency in programming languages such as Python will be advantageous
  • Strong analytical and judgement skills, with the ability to think critically and make sound recommendations