Job Description

Responsibilities:

• To leverage and adapt industry standards and frameworks (e.g., CSA CSM, NIST CSF, ISO 27001, CIS), regulatory guidelines (e.g., OSPAR, MTCS, SOC 2, ABS Cloud Guidelines, etc.) to Singtel\xe2\x80\x99s environment and needs in its cloud journey.
• To work with the Cloud Infrastructure and Automation team to enhance their DevSecOps capabilities to build scalable, robust, high Be a subject matter expert on cloud and cyber security risks
• Advise and assist in the selection and tailoring of suitable approaches, controls, methodologies, and tools to drive secure and compliant cloud adoption
• Develop DevSecOps capability within the Cloud Infrastructure Organization
• Working closely with the Infrastructure Project Team (IPO) on project engagements TI strategy
• Share leading practices amongst the Singtel technical community to ensure best practices compliance
• Providing advice and guidance to management during planning phases to ensure that non-functional requirements are included in the overall specifications
• Support the operationalization of infrastructure automation to the operations team. Act as the automation service owner for infrastructure automation, including support for any production issues due to automation. performing, fault tolerant solutions

• Degree in computer science/ Information Technology, Industry certification, eg. Azure, VMware (VCP/VCAP) or Microsoft qualifications.
• At least 8-10 years of experience working in one or more of the following disciplines: cloud/IT advisory and implementation, cloud or security software product development, or security operations.
• Experience in security operations
• Diverse technology experience with public cloud providers
• Firm understanding of Security frameworks and standards
• DevSecOps, CI/CD (Continuous Integration Continuous Deployment), and associated tools such as Terraform, Jenkins, Ansible, Chef, Puppet, Salt stack, etc.
• DevSecOps Automation tools such as Boto3, Lambda, Azure Functions, Google Functions, Python, JSON.
• Knowledge of programming or scripting languages such as Python, Node.js.
• Experience with ITIL processes, especially change control processes
• Good to haveIdentity and Access Management (IAM) and Privileged Access Management (PAM)
  Application Security frameworks and standards such as OWASP
  Security Operation
  Logging and monitoring, and SIEM suites/associated tools
  Networking (hardware, software, routing, firewalls, VPC, SASE)
  Encryption and Cryptographic Key-Management