Job Description
DSO National Laboratories (DSO) is Singapore's largest defence research and development (R&D) organisation, with the critical mission to develop technological solutions to sharpen the cutting edge of Singapore's national security. At DSO, you will develop more than just a career. This is where you will make a real impact and shape the future of defence across the spectrum of air, land, sea, space and cyberspace.
The Digital Division leads the digital transformation of DSO through the master planning and policies, delivering digital capabilities through IT infrastructure, and providing one stop service to corporate and R&D Divisions. The Digital Division will transform the way we work, our workplace, and the capabilities we deliver to the MINDEF/SAF and for the security of Singapore.
People are DSO's greatest asset. You will get to realise your career aspirations and develop your own niche either as a deep technical expert or a leader in the team. With frequent career dialogues and a robust training and development framework, we will provide you with the necessary development tools for you to reach your potential. You will also be recognised and rewarded through competitive remuneration packages and scholarship opportunities.
Lead Security Architect (Zero Trust & AI Security)
We are seeking a highly skilled Zero Trust Security and AI Security Specialist to design and implement end-to-end tech stack. The successful candidate will be a technical leader responsible for transitioning the organization toward an identity-centric security model, ensuring that all systems, applications, and infrastructures adhere to the highest standards of continuous verification and least-privilege access.
In This Role, You Will
- Zero Trust Architecting and Design
- Architecture & Design: Design and implement Zero Trust architectures aligned with NIST 800-207, focusing on identity-centric security, least-privilege access, and continuous verification.
- Governance & Policy: Define trust boundaries, network segmentation, and policy enforcement models. Ensure all digital transformation initiatives integrate robust data policies, security controls, and identity-centric governance.
- Leadership & Integration: Lead organization-wide Zero Trust implementations, driving technical discussions, design reviews, and complex system integrations.
- Technical Advisory: Act as a subject matter expert (SME) for application, network, and infrastructure teams, providing actionable guidance to ensure enterprise systems meet both Zero Trust requirements and cybersecurity policies.
- Zero Trust Threat Modeling: Conduct application and platform threat modelling with a specific focus on identity compromise, lateral movement, and the bypass of policy enforcement points.
- Security Patterns: Develop security reference architectures and reusable patterns that enforce never trust, always verify principles across the enterprise.
- Architecture Assurance: Perform rigorous architecture reviews and security assessments to ensure new systems adhere to micro- segmentation and least-privilege access models.
- AI Security
- AI Security Architecture: Design and implement security frameworks for AI/ML lifecycles, ensuring that AI workloads adhere to Zero Trust principles (e.g., identity-based access to training data and model endpoints).
- AI Governance & Policy: Develop security standards and governance models for the safe adoption of Generative AI and LLMs, focusing on data privacy, model integrity, and usage policies.
- Risk Management: Conduct specialized risk assessments for AI systems, identifying vulnerabilities such as prompt injection, data poisoning, and model inversion.
- Vendor & Stakeholder Management:
- Contractor & Third-Party Oversight: Collaborate with contractors and external vendors to ensure that third-party integrations, managed services, and outsourced developments adhere to
Job Requirements
Degree in Computer Science
Knowledge of OWASP Top 10 for LLM Applications
Knowledge of NIST AI RMF knowledge
Preferred Certifications
- Zero trust certifications
- ISC2 CISSP
- ISACA CISM
- GIAC certifications
8-15 years in architecture role or cybersecurity leadership role
Experience in large-scale or organisational wide Zero Trust architecting, design and implementation.
Experience in setting AI governance and policies
Experience in design safeguards and security controls for AI/Agents
Experience in threat modelling and attack path simulation
Experience architecting systems and applications
