[What the role is]
The Government Technology Agency (GovTech) aims to transform the delivery of Government digital services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do. We also develop the Smart Nation infrastructure and applications and facilitate collaboration with citizens and businesses to co-develop technologies.Join us as we support Singapore’s vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering.
[What you will be working on]
At the forefront of Singapore's digital defence, Cybersecurity Group combines advanced security engineering with strategic thinking to protect our organisation's critical infrastructure. We specialise in threat detection, security assessments, and innovative defence solutions across cloud and on-premises environments, utilising cutting-edge frameworks and technologies.
We're seeking experienced security professionals with strong technical capabilities who are passionate about cybersecurity engineering. Join our dynamic team where you'll tackle complex security challenges, work with state-of-the-art tools, and contribute to strengthening our organisation's cyber resilience in an increasingly connected world.
What you will be working on:
Act as the subject matter expert (SME) on cybersecurity, providing expert guidance throughout the organization.
Conduct comprehensive Threat Risk Assessments and Threat Modeling (e.g., STRIDE), incorporating MITRE ATT&CK framework across applications, cloud infrastructure, and enterprise systems.
Lead cross-functional teams in the implementation and management of security controls for cloud and on-premises environments, including microservices, containers, applications, operating systems, databases, and networks.
Provide recommendations for the configuration and improvement of security detection and response tools to enhance operational effectiveness.
Utilize a broad range of cybersecurity tools and technologies to evaluate, validate , and strengthen security controls and capabilities.
Evaluate and validate new security technologies through laboratory setups and proof of concept (PoC) testing.
Specify and document technical security requirements within project tenders and procurement documentation.
Analyze , document, and communicate security findings and recommendations to stakeholders at various levels.
Design and develop innovative security software solutions to safeguard critical organizational information.
Collaborate with government agencies and industry partners to define, implement, and maintain comprehensive security requirements.
Ensure adherence to secure software development lifecycle (SDLC) practices, maintaining high coding standards and delivering secure, high-quality software products.
What we are looking for:
Minimum 5 years of professional experience in cybersecurity engineering, specializing in the design, deployment, and maintenance of secure infrastructure.
Proven proficiency in managing security systems and collaborating effectively with cross-functional teams to strengthen the organization’s security posture.
Hands-on experience conducting security assessments, including threat modeling , vulnerability assessments, and penetration testing.
Up-to-date knowledge of cybersecurity frameworks and standards, such as OWASP and MITRE ATT&CK.
Knowledge of applied cryptography, including cryptographic primitives, post-quantum cryptography, and network security protocols (e.g., TLS, IPSec).
Proficiency in programming languages such as Python, Rust, and C/C++ for developing and automating security tools and processes.
Familiarity with Public Key Infrastructure (PKI), key management, hardware security modules (HSMs), and smart card technologies.
Knowledge of modern IT methodologies, including DevOps, Infrastructure as Code, Software Defined Networking, and zero trust architectures.
Experience with enterprise data center operations and information security best practices.
Exposure to cloud security environments including AWS, Azure, and Google Cloud Platform, alongside analytic platforms such as Splunk and Hadoop.
Relevant security certifications such as OSCP, CISSP, or AWS Security Specialty are highly desirable.
Excellent communication skills, self-motivated with a strong commitment to continuous learning and professional growth.
[What we are looking for]
We are an equal opportunity employer and value diversity at our company as we believe that diversity is meaningful to innovation. Our employee benefits are based on a total rewards approach, offering a comprehensive and market-competitive suite of perks . This includes generous leave benefits to meet your work-life needs. We trust that you will get the job done wherever you are, and whatever works best for you – so work from home or take a break to exercise if you need to*. We also believe it’s important for you to keep developing your skill in the constantly-evolving tech landscape, so we provide and support a plethora of in-house and external learning and development opportunities all year round.
*Subject to the nature of your job role that might require you to be onsite during fixed hours.
