IT Security lead

We are looking for an IT Security Lead to drive end-to-end security across mission-critical government systems, covering both project implementation (Day 1) and production operations (Day 2).

This role combines security architecture, governance, and hands-on operations in a highly regulated environment.

Key Responsibilities

Security Architecture & Governance

• Define and enforce security architecture aligned with government standards (IM8, WOG)
• Conduct threat modelling, risk assessments, and security reviews
• Ensure compliance with security policies and audit requirements

DevSecOps & Implementation

• Embed security into CI/CD pipelines (SAST, DAST, container scanning)
• Work with engineering teams on secure coding, API security, and IAM
• Manage security testing (VA/PT) and remediation

Operations & Incident Management

• Lead security incident response, RCA, and recovery
• Oversee vulnerability management and patching
• Monitor security events (SIEM) and ensure detection coverage

Access Control & Compliance

• Govern RBAC, MFA, PAM, and access reviews
• Support audits, reporting, and security posture tracking

Requirements

• Singapore Citizen (mandatory)
• 8–12 years of IT experience, with 5+ years in Security Lead / Architect roles
• Experience in Singapore Government / IM8 security environments
• Strong hands-on experience with:Kubernetes / Docker security API security and IAM Security tools (SIEM, SAST, DAST)
• Experience working in DevSecOps and cloud-native environments
• Strong stakeholder management and communication skills

Nice to Have

• Certifications such as CISSP, CISM, CISA, CEH, or GIAC
• Cloud security certifications (AWS / Azure)