Job Description

What the role is
The Government Technology Agency (GovTech) aims to transform the delivery of Government digital services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do. We also develop the Smart Nation infrastructure and applications and facilitate collaboration with citizens and businesses to co-develop technologies. GovTech Cyber Security Group (CSG) is hiring specialists who are familiar with not only cybersecurity architectures and cloud implementations, but also Data analytics models and platforms. The specialist is required to research and identify potential cyber and data security risks using Threat and Risk Assessment framework and develop actionable measures to be applied across systems for the Whole of Government. This role is unique as the specialists will be attached to the Government Data Office in Smart Nation Digital Government Office (SNDGO) for Whole-of-Government Data Security policy and technical consultations before returning to GovTech.
What you will be working on
Data Security related • Work with government agencies to operationalise the data security policies and measures • Work with agencies and stakeholders to build a culture of excellence among public officers to use data securely • Work with stakeholders in the government’s data and ICT ecosystem (e.g. Chief Data Officers, Chief Information Officers, etc.) to enhance agency data security capabilities and practices. • Engage public officers and the general public on the government’s data security policies and practices.
Cyber Security related • Perform security risk assessments for large, national or Whole-of-Government projects or systems • Explore technologies and best practices to support development of standards • Support business initiatives through risk management, which involves performing security risk assessment to identify and analyse security risks, recommending risk treatment and mitigation measures, and assess residual risks. • Ensure that key security requirements are defined and designed into the systems, implemented in accordance to the security design, and in compliance with prevailing ICT security policies and standards. • Develop and review project specific security specifications and ensure alignment to assessed security risks, security requirements, prevailing ICT security policies and standards. • Review security architectures, designs and implementations to ensure compliance with prevailing ICT security policies and standards. Identify design gaps and recommend security enhancements. • Involve in designing artefacts (spanning design, development, and implementation) into enterprise systems that aligns to security principles and overall Enterprise System Architecture. • Stay abreast of current and emerging cloud security technologies and the associated security threats. Design security architecture control measures to mitigate the threats and risks. • Align security architecture frameworks and standards with business strategies and functions. • Involve in scoping of security tests, reviews and audits, as well as reviewing the results of security tests, reviews and audits to ensure security assurance is achieved.

What we are looking for
• Degree in Computer Science, Data Science, Computer or Electronics Engineering or Information Technology or related disciplines • Minimum 3 years of IT security experience in IT security consultancy, and security operations, with experience in working with data analytics platforms • Able to articulate cybersecurity and data security risks, mitigation measures and residual risks orally and in writing to stakeholders, in an easily understood and actionable manner • Knowledge of security technologies and products (such as SIEM, Log Management and Analysis Tools, firewall, cryptography, anonymization, vulnerability scanning tools, endpoint security), MITRE ATT&CK framework, network security, cloud security and application security. • Knowledge and experience in identity and access management, cloud design and architecture, and implementation of cloud services • Team player with good interpersonal skills • Possess good written, verbal and presentation skills • Security certification such as CISSP, CISA, SSCP, Cloud Security, or related certification would be an advantage • Able to work and communicate with all level from senior management level to working level • Singapore Citizen only
We are an equal opportunity employer and value diversity at our company as we believe that diversity is meaningful to innovation. Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks. This includes generous leave benefits to meet your work-life needs. We trust that you will get the job done wherever you are, and whatever works best for you – so work from home or take a break to exercise if you need to*. We also believe it’s important for you to keep honing your craft in the constantly-evolving tech landscape, so we provide and support a plethora of in-house and external learning and development opportunities all year round. *Subject to the nature of your job role that might require you to be onsite during fixed hours