[WHAT YOU WILL BE WORKING ON]

At the forefront of Singapore’s digital defence, Cybersecurity Group combines advanced security engineering with strategic thinking to protect our organisation’s critical infrastructure. We specialise in threat detection, security assessments, and innovative defence solutions across cloud and on-premises environments, utilising cutting-edge frameworks and technologies.
We’re seeking experienced security professionals with strong technical capabilities who are passionate about cybersecurity engineering. Join our dynamic team where you’ll tackle complex security challenges, work with state-of-the-art tools, and contribute to strengthening our organisation’s cyber resilience in an increasingly connected world.

What you will be working on:

• Act as the subject matter expert (SME) on cybersecurity, providing expert guidance throughout the organization.
• Conduct comprehensive Threat Risk Assessments and Threat Modeling (e.g., STRIDE), incorporating MITRE ATT&CK framework across applications, cloud infrastructure, and enterprise systems.
• Lead cross-functional teams in the implementation and management of security controls for cloud and on-premises environments, including microservices, containers, applications, operating systems, databases, and networks.
• Provide recommendations for the configuration and improvement of security detection and response tools to enhance operational effectiveness.
• Utilize a broad range of cybersecurity tools and technologies to evaluate, validate , and strengthen security controls and capabilities.
• Evaluate and validate new security technologies through laboratory setups and proof of concept (PoC) testing.
• Specify and document technical security requirements within project tenders and procurement documentation.
• Analyze , document, and communicate security findings and recommendations to stakeholders at various levels.
• Design and develop innovative security software solutions to safeguard critical organizational information.
• Collaborate with government agencies and industry partners to define, implement, and maintain comprehensive security requirements.
• Ensure adherence to secure software development lifecycle (SDLC) practices, maintaining high coding standards and delivering secure, high-quality software products.

What we are looking for:

• Minimum 5 years of professional experience in cybersecurity engineering, specializing in the design, deployment, and maintenance of secure infrastructure.
• Proven proficiency in managing security systems and collaborating effectively with cross-functional teams to strengthen the organization’s security posture.
• Hands-on experience conducting security assessments, including threat modeling , vulnerability assessments, and penetration testing.
• Up-to-date knowledge of cybersecurity frameworks and standards, such as OWASP and MITRE ATT&CK.
• Knowledge of applied cryptography, including cryptographic primitives, post-quantum cryptography, and network security protocols (e.g., TLS, IPSec).
• Proficiency in programming languages such as Python, Rust, and C/C++ for developing and automating security tools and processes.
• Familiarity with Public Key Infrastructure (PKI), key management, hardware security modules (HSMs), and smart card technologies.
• Knowledge of modern IT methodologies, including DevOps, Infrastructure as Code, Software Defined Networking, and zero trust architectures.
• Experience with enterprise data center operations and information security best practices.
• Exposure to cloud security environments including AWS, Azure, and Google Cloud Platform, alongside analytic platforms such as Splunk and Hadoop.
• Relevant security certifications such as OSCP, CISSP, or AWS Security Specialty are highly desirable.
• Excellent communication skills, self-motivated with a strong commitment to continuous learning and professional growth.

The Government Technology Agency (GovTech) aims to transform the delivery of Government digital services by taking an “outside-in” view, putting citizens and businesses at the heart of everything we do. We also develop the Smart Nation infrastructure and applications and facilitate collaboration with citizens and businesses to co-develop technologies.
Join us as we support Singapore’s vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering.