Job Description

The Government Technology Agency (GovTech) seeks to transform the delivery of Government Digital Services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do. We also develop the Smart Nation infrastructure and applications, and facilitate collaboration with the public to codevelop technologies.

Join us as we support Singapore's vision of building a Smart Nation - a nation of
possibilities empowered through info-communications technology and related
engineering

We are a bunch of folks from Government Digital Services (GDS) in GovTech who enjoy what we are doing everyday-building citizen-centric products to better serve the needs of Singaporeans, and spearheading digital transformation in government, one user story at a time. We are organised as a system of self-managing, cross-functional teams that practice Scrum and Agile, and move fast together to solve problems in order to maximize impact to citizens. We thrive off each's positivity and energy, constantly challenging one another to improve our craftsmanship.

We are looking for a Senior Cyber Security Engineer/Cyber Security Engineer in GDS's Agency CISO Office who connects with our mission to serve the public through the use of the technology, and who believes that security and functionality are two sides of the same coin, not mutually exclusive or binary goals.

What you will be working on:

As a Senior Cyber Security Engineer/Cyber Security Engineer (GDS - Agency CISO Office), you will support and assist Agency CISO in overall cybersecurity programme within GDS, including

Enhance internal processes and organizational culture within Govtech's Government Digital Services, working closely with operation and project teams and outsourced vendors

Advise the appropriate cyber solution, technologies, and processes to secure ICT development life cycle security controls implementation and assets

Support in business initiatives through risk management, which involves performing security risk assessment to identify and analyse security risks, recommending risk treatment and mitigation measures, and assess residual risks

Coordinate with stakeholders in addressing cybersecurity incidents, including threat hunting, and take proactive action against cyber threats

Work with the team leads on delivering security scorecards and other performance indicators

Create security awareness in GDS through training and initiatives.

What we are looking for:

You have at least 3 years of IT security experience in IT security consultancy, and security operations (which includes experience in management, deployment and maintenance of security for ICT systems)

You possess excellent people and stakeholder management skills

You have experience working in an Agile, preferably cloud-based, application development environment

You have knowledge and experience in ICT security risk management methodologies and risk evaluation techniques.

You have experience in security incident management

You have knowledge of security technologies (such as SIEM, Log Management and Analysis Tools, firewall, cryptography, vulnerability scanning tools, endpoint security, identity and access management) and security domains (such as network security, cloud security and application security)

You have knowledge of system security architecture concepts including network topology, protocols, components and principles (e.g. application of Defence in Depth), and able to specify where and how security controls should be applied to or engineered into the security design

You are a team player with good interpersonal skills

You have a degree in Computer Science, Information Systems Engineering or equivalent, and possess CISSP and/or CISA certification. Having Cloud Security, or related certifications would be of added advantage.

You are able to work and communicate with all level from senior management level to working level.

We believe in being Agile, Bold and Collaborative, and are looking for people who identify with these values

We are an equal opportunity employer and value diversity at our company as we believe that diversity is meaningful to innovation. Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks. This includes generous leave benefits to meet your work-life needs. We trust that you will get the job done wherever you are, and whatever works best for you - so work from home or take a break to exercise if you need to*. We also believe it's important for you to keep honing your craft in the constantly-evolving tech landscape, so we provide and support a plethora of in-house and external learning and development opportunities all year round.

*Subject to the nature of your job role that might require you to be onsite during fixed hours