- 1-year contract, renewable
- Hybrid work arrangement
- Government project
As our digital platforms, cloud infrastructure, and application development activities continue to grow, we are seeking a Cybersecurity Engineer to strengthen our security capabilities.
In this role, you will be responsible for implementing and managing security controls across endpoints, cloud environments, network infrastructure, and application development pipelines. You will support the deployment of key security technologies, enhance DevSecOps practices, and improve monitoring and incident response capabilities across the organisation.
You will also play an important role in ensuring systems and controls remain aligned with organisational cybersecurity policies and regulatory requirements, including the Personal Data Protection Act (PDPA).
What You'll Do
- Implement and manage endpoint security solutions (e.g., EDR, device hardening, full-disk encryption, endpoint monitoring)
- Administer MDM and DLP solutions to enforce device compliance and prevent unauthorised data exfiltration
- Deploy and maintain network security controls, including NGFW, WAF, and IPS
- Perform rule tuning and optimisation to ensure effective protection as threats evolve
- Implement and manage AWS security controls (e.g., IAM, logging, monitoring, GuardDuty, Security Hub, CloudTrail)
- Identify and remediate cloud misconfigurations in line with best practices and compliance requirements
- Integrate security into CI/CD pipelines and support DevSecOps practices
- Implement and manage application security tools (SAST, DAST, dependency scanning, container security)
- Conduct security reviews and vulnerability assessments aligned with OWASP Top 10
- Partner with engineering teams to prioritise and track remediation
- Monitor and triage security alerts across endpoint, network, cloud, and application layers
- Investigate incidents and support response and remediation efforts
- Improve detection capabilities and response processes
- Develop and maintain automation scripts (e.g., Python, Bash) to enhance monitoring, reporting, and workflows
- Maintain security documentation and support audits
- Ensure alignment with organisational cybersecurity policies and regulatory frameworks (e.g., PDPA)
What We're Looking For
- Experience in implementing and managing cybersecurity controls across infrastructure, cloud, and/or application environments
- Hands-on experience with AWS security services (e.g., IAM, GuardDuty, Security Hub, CloudTrail)
- Familiarity with endpoint security, network security technologies, and data protection solutions
- Understanding of application security practices and DevSecOps
- Experience in security monitoring, alert triage, and incident response
- Scripting or automation experience (e.g., Python, Bash)
- Strong analytical skills and ability to work across cross-functional teams
