DevSecOps Principal Consultant - Jakarta

DevSecOps Principal Consultant - Jakarta

Vantage Point helps businesses to set up a secure Software Development Lifecycle that integrates the necessary processes, tools and testing stages for applications.

Role Purpose: 

This role works with our clients to understand their application security needs, provide solutions and support the client with implementation.

Role Responsibilities:

  • Conduct sales visits to potential clients to support the Sales team in understanding customer security and compliance requirements.
  • Engage with multiple client stakeholders such as IT Security team, Product Management, Dev/QA/QE, various product lines, or business units to improve the business relationship and scoping of work.
  • Propose custom solutions & professional service offerings that mitigate application security risks.
  • Implement solutions and support with automated security testing in DevOps environment.
  • Perform Threat Modeling, Architecture Risk analysis, Security testing automation, security tools integration to further increase application security for the client
  • Translate the vulnerabilities identified by security tools to the developers and ensure these vulnerabilities have been understood
  • Act in a technical leadership capacity by mentoring junior consultants and new team members, and applying technical expertise to challenging programming and design problems


Required Skills and Experience:

  • Experience in application security across multiple industries and proven track record of preventing common vulnerabilities
  • Proven experience at hands-on security testing automation and DevOps/ CI/CD
  • Competent development skills in numerous programming languages and ability to read and understand most common languages.
  • Experience in working with Agile and Lean methodologies in software development
  • Understanding Test Driven Development processes and Behaviour Driven Development Processes
  • Familiar with configuration management solutions (Chef/Puppet/Ansible) to produce infrastructure/security as code.
  • Knowledge of development build tools (e.g. Ant, Maven, TFS) and source control systems (e.g. SVN, Git, Mercurial, TFS) 
  • Awareness of containers and how they are managed for large scale applications (e.g Docker, Kubernetes and platforms like OpenShift)
  • Knowledge of Requirement Engineering, SAST, DAST, IAST, RASP and SCA. Able to identify which solution to use in different scenarios by identifying their strengths and weaknesses in terms of automated vulnerability discovery.
  • Comfortable communicating with people in all organizational levels and disciplines

Desired Skills and Experience

  • Experience with microservices architectures
  • Good understanding of deployment patterns, such as the concept of immutable infrastructure
  • Experience of integrating security into deployment pipelines
  • Good understanding of cloud architecture and securing complex architectures
  • Confident in presenting to the DevSecOps community and external conferences

Qualifications Required:

  • Degree qualification which contains programming languages and software development
  • Desired Qualifications:
  • Certified Secure Software Lifecycle Professional (CSSLP)

Role Information:

  • Reports to:        Technical Director
  • Hours:               Full Time
  • Language:         Must be proficient in spoken and written Bahasa and English
  • Location:           Primarily based in Jakarta but may be required to travel to our other business locations

We are looking for someone who can fulfill 80% of the required skills in this job description. The successful candidate who joins us will benefit from training and development in all the required and desired skills.

You will be rewarded with a competitive salary and bonus and an opportunity to be part of an exciting growing business.

TO APPLY FOR THIS ROLE PLEASE SEND YOUR CV TO: RECRUITMENT@VANTAGEPOINT.SG


Project Manager - Singapore

Project Manager

Vantage Point helps its customers to secure their business-critical applications by building security into the software development lifecycle (SDLC).   

Role Purpose: 

Overall responsibility for the successful initiation, planning, resourcing, monitoring, closure and evaluation of all projects.

Role Outcomes:

  • Project requests are responded to within 2 days with accurate information regarding resource availability and feasibility.
  • People with the right mix of expertise and skills are appropriately allocated to each project.
  • All stakeholders are updated regularly throughout project delivery.
  • Projects are completed within agreed timescales and budgets.
  • Clients are billed accurately and on time.
  • The Client Relationship Management and Project Management system is updated and maintained.
  • Weekly reports are produced accurately to support the business in assessing performance in areas such as utilisation and project budget performance.


Role Responsibilities:

  • Meet with clients to build relationships to support with project delivery.
  • Attend project scoping meetings to ascertain resource requirements.
  • Liaise with clients to negotiate delivery times in line with their requirements and internal resource availability.
  • Work closely with the Technical Director to identify and assign appropriate resources for each project.
  • Develop and maintain good relationships with all consultants by meeting weekly to discuss their schedules, clients and utilisation.
  • Act as an escalation point both internally and externally for issues arising during project delivery.
  • Assess and manage risk for each project where necessary.
  • Track and report project progress to ensure projects are completed within agreed timescales and budgets.
  • Work with the Finance and Administration Manager to ensure Clients are billed accurately and on time.


Required Skills and Experience:

  • Experience managing multiple projects simultaneously.
  • Management of budgets and invoicing.
  • Ability to organise and structure data into reports and presentations for internal and external use.
  • Confident communicating with people at all organisational levels and disciplines.
  • Evidence of managing internal and external relationships to build trust and engagement.
  • Solid organisational skills including attention to detail and ability to multi-task
  • Strong working knowledge of Microsoft Office


Desired Skills and Experience

  • Working in the software security industry.
  • Experience using Microsoft Dynamics.

Qualifications Required:

  • Qualification in project management either at degree level or as a certified professional.


Role Information:

  • Reports to:        CEO
  • Hours:               Full Time (40 hours)
  • Language:         Must be proficient in spoken and written English
  • Location:           Primarily based in Singapore but may be required to travel occasionally to our other business locations

You will be rewarded with a competitive salary and bonus linked to your personal and Company performance and an opportunity to be part of an exciting growing business.

TO APPLY FOR THIS ROLE PLEASE SEND YOUR CV TO: RECRUITMENT@VANTAGEPOINT.SG


Security Consultant

We’re looking for hacking enthusiasts with know-how and experience in application security and hacking techniques. The security consultant’s main responsibilities include performing manual penetration tests of mobile and web applications as well as security source code reviews alongside our senior and principal consultants. You’ll be located in our office in Singapore or at our clients’ site. This position is the perfect opportunity for aspiring hackers looking to gain real-world experience! 

General Duties and Responsibilities

  • Develop strong working relationships with the Vantage Point team members and be able to work as part of the team.
  • Support senior and principal consultants in penetration testing and code review projects.
  • Articulate security findings to clients in a precise and technically accurate manner.
  • Reporting to the Offensive Security Managing Principal.
  • Work is performed within Singapore (with the option of working regionally).

Required Skillset

  • Unrelenting passion to discover vulnerabilities in cutting edge technologies.
  • Basic security knowledge about on or more of the following: iOS and Android applications, Web 2.0, IoT (ARM/MIPS), Wireless, Host Infrastructure.
  • Experience in using standard web application testing tools (e.g. BURP Proxy)
  • Basic understanding of programming languages
  • Strong command of the English language, both verbal and written.
  • Involvement in the local security community 

Desired Skillset

  • Software engineering background.
  • Bug Bounty/Hall of Fame participant.
  • Published white papers/ advisories or speaking engagements at Security Conferences.
  • Experience with security touchpoints in the SDLC such as architecture risk analysis, threat modelling, security requirement gathering.

General Knowledge, Skills and Abilities

  • Strong communicators who are able to articulate themselves clearly both verbally and written.
  • Friendly and polite with human relation skills, negotiation and documentation ability.
  • Team skills, including the ability to establish and maintain effective working relationships both internally as well as externally.

Education Requirements

  • Degree or formal education nice to have.

How to apply

Contact us via the web form, or write an email with your CV directly to our chief hacker Paul Craig: paul [at] vantagepoint [dot] sg.


Senior Security Consultant

The senior security consultant’s responsibilities include performing penetration testing of; Mobile (iOS/Android) applications, Enterprise Web Applications, Network Design, Black Box Appliances and Desktop Applications. 

A successful candidate will demonstrate strong skills in manual penetration testing (without a reliance on automated tools) on a range of platforms and technologies, but most importantly they will have a passion/thirst for breaking technology and finding exploits.

General Duties and Responsibilities

  • Develop strong working relationships with the Vantage Point team members and be able to work as part of the team.
  • Perform Penetration Testing and Security Code Review work within Singapore (with the option of working regionally).
  • Articulate security findings to clients in a precise and technically accurate manner.
  • Conduct security research on new fields of innovation, exploitation and technological advancement both within Vantage Point and within the community.
  • Reporting to the Offensive Security Managing Principal.

Required Skillset

  • Unrelenting passion to discover vulnerabilities in cutting edge technologies.
  • Deep security knowledge of (one of the following) iOS and Android applications, Web 2.0, IoT (ARM/MIPS), Wireless, Host Infrastructure.
  • Strong command of the English language, both verbal and written.
  • Involvement in the local security community 

Desired Skillset

  • Software engineering background.
  • Experience with security touchpoints in the SDLC such as architecture risk analysis, threat modelling, security requirement gathering.
  • Experience with static and dyamic application security testing tools (Fortify, Checkmarx, etc)
  • Experience in conducting security research to discover new exploits or new methods of breaking technology.
  • Bug Bounty/Hall of Fame participant.
  • Published white papers/ advisories or speaking engagements at Security Conferences.
  • Personally “Googleable” with a reputation that precedes you.

General Knowledge, Skills and Abilities

  • Strong communicators who are able to articulate themselves clearly both verbally and written.
  • Friendly and polite with human relation skills, negotiation and documentation ability.
  • Team skills, including the ability to establish and maintain effective working relationships both internally as well as externally.

Education Requirements

  • 6+ years of technical experience doing hands-on Penetration Testing assignments.
  • Degree or formal education nice to have.

How to apply

Contact us via the web form, or write an email with your CV directly to our chief hacker Paul Craig: paul [at] vantagepoint [dot] sg.