Title:  Senior Engineer, Smart Security & Automation

We are seeking a highly experienced Cybersecurity Senior Engineer with CISSP certification to lead the design, implementation, and oversight of our enterprise security architecture. This technical role bridges high-level security strategy with hands-on execution, ensuring robust protection across on-premises and cloud environments. The ideal candidate has a proven track record in AWS security, network defense, incident response, and regulatory compliance.

Key Responsibilities:

• Security Architecture & Design:
• Develop and maintain secure architectures for on-premises, hybrid, and multi-cloud environments (Azure, GCP,etc).
• Design multi-layered security for on-premises, air-gapped environments, including network segmentation, firewall policies, intrusion detection/prevention systems (IDS/IPS), centralized logging and auditing, access control best practices, and secure key management.
• Configure security controls, including network firewalls, VLANs, and access policies, ensuring alignment with compliance frameworks (CIS Benchmarks, IM8, NIST, ISO 27001).
• Adoption of best practices for network, cloud, and application security.
• Threat & Vulnerability Management:
• Penetration testing, red teaming, and proactive threat modeling to identify and mitigate risks.
• Maintain and monitor firewalls (Fortigate, Palo Alto), intrusion detection/prevention systems (IDS/IPS), VPNs, PAM solutions, and SIEM systems.
• Monitor and analyze security logs and alerts in real-time to detect and respond to incidents.
• Incident Response:
• Security breaches, performing root cause analysis and ensuring timely remediation.
• Develop and implement protocols to reduce security incidents and enhance organizational resilience.
• Governance, Risk & Compliance (GRC):
• Ensure systems comply with regulatory and internal standards, including NIST, ISO 27001, and Singapore’s CII requirements.
• Conduct regular audits and vulnerability assessments, documenting security posture and risk mitigation.
• Solution Evaluation:
• Conduct PoCs for emerging security technologies to ensure business alignment.
• Deploy and optimize AWS-native security services (IAM, KMS, Shield, WAF) and third-party solutions to strengthen detection, prevention, and response capabilities.

Key Requirements:

• Certification: CISSP required; additional certifications (CISM, CISA, AWS Security Specialty) are a plus.
• Technical Expertise:
• Experience with cloud security (AWS, Azure, GCP) and on-premises network security.
• Strong hands-on knowledge of firewalls, IDS/IPS, VPNs, PAM, SIEM, and endpoint protection systems.
• Proficient in incident response, threat detection, and security monitoring.
• Communication: Proven ability to influence stakeholders, and communicate complex security concepts effectively.