We are looking for an IT Security Lead to drive end-to-end security across mission-critical government systems, covering both project implementation (Day 1) and production operations (Day 2).
This role combines security architecture, governance, and hands-on operations in a highly regulated environment.
Key Responsibilities
Security Architecture & Governance
- Define and enforce security architecture aligned with government standards (IM8, WOG)
- Conduct threat modelling, risk assessments, and security reviews
- Ensure compliance with security policies and audit requirements
DevSecOps & Implementation
- Embed security into CI/CD pipelines (SAST, DAST, container scanning)
- Work with engineering teams on secure coding, API security, and IAM
- Manage security testing (VA/PT) and remediation
Operations & Incident Management
- Lead security incident response, RCA, and recovery
- Oversee vulnerability management and patching
- Monitor security events (SIEM) and ensure detection coverage
Access Control & Compliance
- Govern RBAC, MFA, PAM, and access reviews
- Support audits, reporting, and security posture tracking
Requirements
- Singapore Citizen (mandatory)
- 8-12 years of IT experience, with 5+ years in Security Lead / Architect roles
- Experience in Singapore Government / IM8 security environments
- Strong hands-on experience with:Kubernetes / Docker securityAPI security and IAMSecurity tools (SIEM, SAST, DAST)
- Experience working in DevSecOps and cloud-native environments
- Strong stakeholder management and communication skills
Nice to Have
- Certifications such as CISSP, CISM, CISA, CEH, or GIAC
- Cloud security certifications (AWS / Azure)
