Senior Cybersecurity Engineer (Cloud Hosted Infrastructure)

The Government Technology Agency (GovTech) seeks to transform the delivery of Government Digital Services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do. We also develop the Smart Nation infrastructure and applications, and facilitate collaboration with the public to co-develop technologies.

Join us as we support Singapore's vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering.

As a Senior Cybersecurity Engineer, you will provide an in-depth and technical point of expertise on how advanced and emerging security technologies can be better used to secure large-scale, national or Whole-of-Government projects or systems. You will also be performing security risk assessments, recommending risk treatment and mitigation measures, and evaluating residual risks to support business initiatives.

Collaborating closely with ICT infrastructure specialists, technical architects, project managers, software developers and data scientists, your role will also involve ensuring compliance with prevailing ICT security policies and standards. Managing stakeholder relationships to ensure that our consulting services delivered meet their expectations is part of the job.

The ability to design critical user journeys, develop security objective targets, engage stakeholders with contextual use cases and engineer desired security outcomes to operationalisation is a key to succeeding in this role. This also places you in a strategic position to participate in security governance and compliance activities to ensure effective security outcomes.

You will be required to apply your knowledge of cybersecurity principles and play a role in defining and implementing threat models, and corresponding mitigations. You will also have opportunities to develop security guidelines and to evangelise their importance to senior management and technical committees.

What you will be working on

You will be required to perform tasks including:

• You will take a leading role to define, implement & maintain company-wide Cyber Security standards, procedures and solutions

• Perform user accounts life cycle administration including periodic monitoring user access;

• Define & test platforms and applications hardening guides

• Periodic review of rules and policies for security tools like firewall & DAM

• Identify security gaps, perform threat risk assessments in current setup and propose mitigating measures

• Perform Risk and Cyber Security Self-Assessments (R&CSA) that identify cyber security risks & control weaknesses & opportunities for improvements

• Participate in incident response lifecycle that includes performing assessment of current infrastructure defences against identified threats and proposing mitigating measures

• Perform Disaster Recovery for security tools

• Perform vulnerability assessment using automated and manual tools with recommendation for actionable remediation controls.

• Plan, implement, and upgrade security measures and controls to protect information systems and data against unauthorized access, modification, or destruction;

• Conduct internal and external security and compliance reviews on information assets;

• Monitor regulatory requirements & technology advances to identify relevant trends & threats.

• Having any experience with any of this 2 of the following security tools like Database Activity Monitoring (DAM), firewall, Privileged Access Management (PAM), Anti-virus, HIPS/HIDS and Endpoint Detection and Response (EDR), Multi-factor Authentication and Vulnerability Management, will be helpful in your role and you will probably learn the rest on the job

What we are looking for

• An understanding of security best practices, policies and standards.

• Hands-on experience in one or more of the following security areas: Network design, applications development, Internet of Things, wireless communications, cryptography, hardware design protection, mobile management, cloud hosting design and implementation, DevSecOps consulting, design and implementation of CI/CD pipelines, etc.

• Familiarity with common application vulnerabilities, cloud security issues and technical knowledge on how to address and mitigate them.

• Knowledgeable in cyber security principles, operational security management techniques, architecture and designs, cybersecurity attributes (e.g. confidentiality, integrity, availability, accountability, assurance, etc.) and security measures (e.g. authentication, authorisation etc.) for applications in an enterprise environment or setup.

• Strong interpersonal and stakeholder management skills.

• Presentation skills, and the ability to write clearly, concisely, and within context.

• Ability to work with cross-functional, multi-disciplinary teams to formulate, institute and monitor security policies and procedures.

• Possess professional certifications such as CISSP/Security+/SANS/GIAC or other relevant security qualifications would be an advantage.

We are an equal opportunity employer and value diversity at our company as we believe that diversity is essential to innovation. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks.

This includes generous leave benefits to meet your work-life needs. We trust that you will get the job done wherever you are, and whatever works best for you - so work from home or take a break to exercise if you need to*. We also believe it's meaningful for you to keep honing your craft in the constantly-evolving tech landscape, so we provide and support a plethora of in-house and external learning and development opportunities all year round

• Subject to the nature of your job role that might require you to be onsite during fixed hours