MIDVIEW CITY, SINGAPORE

8 days ago
Overview
The Cybersecurity Engineer will be responsible for designing and implementing secure, resilient system architectures while ensuring security is embedded throughout the development lifecycle. This role requires a deep understanding of cybersecurity frameworks, threat modeling, and risk mitigation strategies to protect enterprise systems against evolving threats.
Core Responsibilities — Secure System Architecture & Design
Design and implement robust security architectures for enterprise systems, applications, and cloud environments.
Develop security blueprints, reference architectures, and design patterns to standardize secure development practices.
Ensure security-by-design principles are integrated into all phases of the SDLC (Software Development Lifecycle).
Core Responsibilities — Risk Mitigation & Threat Modeling
Define security controls to mitigate risks from emerging technologies (e.g., cloud, IoT, AI).
Conduct threat modeling (e.g., STRIDE, DREAD) to identify vulnerabilities in system designs.
Perform security impact assessments for new business initiatives and technology deployments.
Core Responsibilities — Security Integration & Compliance
Ensure compliance with regulatory requirements (GDPR, HIPAA, PCI-DSS, SOC 2).
Align security architectures with industry standards (NIST CSF, ISO 27001, CIS, OWASP).
Collaborate with DevSecOps teams to integrate security into CI/CD pipelines.
Core Responsibilities — Security Documentation & Governance
Produce detailed security design documents, including: security architecture diagrams, data flow models with security controls, and encryption and access control policies
Support audits, penetration tests, and vulnerability assessments.
Maintain security baselines for systems and applications.
Required Qualifications & Skills
Ability to translate technical risks into business impacts.
Technical competencies in Threat Modeling Tools: Microsoft Threat Modeling Tool, OWASP Threat Dragon.
Strong analytical and problem-solving abilities.
Bachelor’s/Master’s in Cybersecurity, Computer Science, or related field.
Technical competencies in Security Frameworks: NIST, ISO 27001, CIS, MITRE ATT&CK.
3-5+ years in cybersecurity, with a focus on secure architecture design, risk assessment, or cloud security.
Technical competencies in Security Automation: Experience with IaC (Terraform, Ansible) and DevSecOps tools (GitLab, Jenkins).
Hands-on experience with: Cloud security (AWS/Azure/GCP) and hybrid environments, Identity & Access Management (IAM), PKI, and encryption, SIEM, EDR/XDR, firewalls, and network security.
Excellent communication and stakeholder management skills.
Relevant certifications (CISSP, CCSP, CISA, CISM, AWS/Azure Security, SABSA, TOGAF) are highly preferred.
If you are interested in this position, please email to career@centricsnetworks.com.sg and CC wendy_soh@centricsnetworks.com.sg

Please refer the Job description for details