Job Description
DSO National Laboratories (DSO) is Singapore's largest defence research and development (R&D) organisation, with the critical mission to develop technological solutions to sharpen the cutting edge of Singapore's national security. At DSO, you will develop more than just a career. This is where you will make a real impact and shape the future of defence across the spectrum of air, land, sea, space and cyberspace.
The Digital Division leads the digital transformation of DSO through the master planning and policies, delivering digital capabilities through IT infrastructure, and providing one stop service to corporate and R&D Divisions. The Digital Division will transform the way we work, our workplace, and the capabilities we deliver to the MINDEF/SAF and for the security of Singapore.
People are DSO's greatest asset. You will get to realise your career aspirations and develop your own niche either as a deep technical expert or a leader in the team. With frequent career dialogues and a robust training and development framework, we will provide you with the necessary development tools for you to reach your potential. You will also be recognised and rewarded through competitive remuneration packages and scholarship opportunities.
As part of this division, you will serve as a Cybersecurity Risk & Assurance Lead, providing expert guidance to project teams in performing threat risk assessments, threat modelling, penetration testing, and adversarial simulations to ensure robust security posture across digital initiatives. This is an individual contributor role.
Cybersecurity Assessment & Advisory
- Act as a trusted advisor to project teams on Threat Risk Assessment, Threat Modelling, Penetration Testing, and Attack Path Simulation.
- Provide early-stage design advisory to ensure security-by-design principles are embedded.
Execution Oversight & Quality Assurance
- Define and enforce standards and methodologies for assessments and testing.
- Review outputs from teams or vendors to ensure completeness and quality.
- Maintain governance over risk registers and remediation tracking.
Threat Modelling & Attack Simulation Leadership
- Lead threat modelling workshops and attack simulations.
- Drive adoption of attack-path-based validation approaches.
Stakeholder Coordination & SME Engagement
- Coordinate with other risk subject matter experts.
- Bridge business and technical teams to ensure practical implementation.
Job Requirements
- Degree in Computer Engineering/ Computer Science / Cyber Security
Technical Skills
- Knowledge of security testing methodologies and frameworks.
- Experience with threat modelling frameworks and penetration testing tools.
Professional Skills
- Strong stakeholder management and communication skills.
- Ability to translate technical risks into business impact.
- Collaborative and advisory-first mindset.
- Strong ownership of outcomes and ability to influence technical decisions.
- Ability to work across multiple projects.
- Ability to work independently.
Experience and Education
- 8 - 12 years of experience in cybersecurity and IT governance
- Experience in advisory roles supporting project teams.
- Degree or advanced education in computer science, computer engineering, and cybersecurity or relevant fields.
- Cybersecurity and governance certifications like eJPT, OSCP, OSEP, CREST, CISSP, CISM, CISA or equivalent would be preferred.
