AIA Group

Senior Cyber Specialist

6-8 Years
  • Posted 7 hours ago

Job Description

Do meaningful work with us. Every day.

At Amplify Health, we're looking for individuals with ambition, resilience and passion for healthcare, insurance, wellness and digital technology. As a fast-growing business with the ambition of making people and communities across Asia healthier, we have exciting career opportunities available to help us achieve our vision.

As a member of the Cybersecurity team, you will help strengthen and maintain Amplify Health's security posture across multiple domains, including but not limited to Vulnerability Management, Application Security, Security Operations, Data Loss Prevention (DLP), Security Reporting and Monitoring.

Responsibilities

Primary Responsibilities:

Security Architecture & Assurance

  • Lead security architecture reviews for new and existing systems, ensuring alignment with Amplify Health's security standards and Group requirements.

  • Define secure design patterns and perform threat modeling for applications and cloud-native workloads.

  • Conduct security risk assessments and recommend mitigation strategies for identified gaps.

  • Integrate security testing into CI/CD pipelines, ensuring automated checks for vulnerabilities, secrets and misconfigurations.

  • Assess third-party and vendor security controls, including contractual and security compliance obligations.

  • Provide guidance on emerging technologies and architectural improvements to enhance security posture.

Security Operations Centre (SOC)

  • Monitor and analyze security events using SIEM tools to detect anomalies and potential threats.

  • Lead incident response activities, including containment, eradication, and recovery, following established playbooks.

  • Perform advanced threat hunting and digital forensic investigations (DFIR) for complex incidents.

  • Conduct and coordinate vulnerability assessments and penetration testing to identify weaknesses in systems and applications.

  • Support security automation and orchestration (SOAR) initiatives to streamline detection and response workflows.

  • Prepare SOC reports and metrics for management, highlighting trends and improvement opportunities.

Secondary Responsibilities:

Vulnerability Management

  • Manage the end-to-end vulnerability lifecycle: identification, assessment, prioritization, and remediation tracking.

  • Integrate automated scanning tools (SAST, DAST, dependency checks, container image scanning) into CI/CD pipelines.

  • Enforce mandatory remediation of Critical and High severity vulnerabilities before production release.

  • Apply a standardized risk rating matrix (Likelihood, Exploitability, Impact) for prioritization and reporting.

  • Stay updated on emerging threats, CVEs, and exploit trends, and recommend improvements to scanning tools and workflows.

Data Loss Prevention

  • Assist in implementing DLP strategies across endpoints, networks, and cloud environments.

  • Support data classification and labeling initiatives to protect sensitive information.

  • Contribute to DLP incident response workflows and reporting for compliance and audit readiness.

SecOps

  • Maintain security documentation, including policies, SOPs, and governance frameworks.

  • Manage security exceptions and ensure compliance with BAU governance standards.

  • Support Jira-based workflows for security tasks, incident tracking, and audit readiness activities.

  • Collaborate with engineering teams to embed security controls into operational processes.


Candidate Profile

Experience and Qualifications

Over 6-8 years of experience in security architecture, security assessments, and SOC operations.

  • Hands-on experience with threat modeling frameworks (MITRE ATT&CK, STRIDE) and risk assessment methodologies.

  • Strong knowledge of cloud security architecture (Azure), CI/CD security integration, and security tools (SIEM, SOAR, DLP, SAST/DAST).

  • Familiarity with secure design principles, application security, and third-party risk assessments.

  • Understanding of regulatory frameworks (ISO 27001, NIST CSF, GDPR) and compliance requirements.

  • Relevant certifications preferred: CISSP, CCSP, CISM.

  • Bachelor's degree required in Information Technology / Computer Science; specialisation in Information Security would be advantageous.

Competencies & Core Characteristics:

We are seeking a leader who embodies the following competencies and characteristics essential for success in our scale-up environment:

  • Technical Domain Expertise: Demonstrates deep proficiency across security architecture, cloud security (Azure), vulnerability management, and SOC operations. Applies recognized security frameworks (e.g., NIST CSF, MITRE ATT&CK, STRIDE) to drive robust and scalable security controls. Serves as the go-to expert for translating technical threats into practical risk mitigation strategies.

  • Strategic Architect: Thinks beyond immediate risks to design long-term, secure-by-design architectural patterns and guardrails. Anticipates evolving threat landscapes and embeds forward-looking security roadmaps into platform, product, and engineering strategies. Balances innovation with risk governance to support the company's scale-up trajectory.

  • Unifier & Cross-Functional Influencer: Collaborates seamlessly with engineering, platform, operations, product, and risk teams to embed security into every stage of the lifecycle. Communicates complex technical concepts in clear, actionable terms that drive alignment and informed decision-making. Builds trusted relationships that enable security to function as a business enabler, not a blocker.

  • Data-Driven Decisiveness: Makes timely, well-reasoned decisions grounded in quantitative data, threat intelligence, vulnerability metrics, and SOC insights. Prioritizes based on impact, exploitability, and business context. Leverages dashboards and analytics to shape recommendations, influence stakeholders, and track measurable improvements in security posture.

  • Resilient Operator: Performs effectively in high-pressure environments, especially during incidents, time-sensitive remediations, and audits. Demonstrates composure, structured thinking, and clear communication in crisis situations. Persists through ambiguity and complexity, adapting quickly to shifting priorities while maintaining high standards of execution.

  • Insatiable Curiosity: Continuously explores emerging technologies, threat vectors, and industry best practices, bringing fresh insights to improve security architecture and operations. Challenges assumptions and seeks innovative approaches to strengthen defenses, optimize tools, and automate processes. Demonstrates a strong learning mindset and desire to stay ahead of adversaries.

About Company

AIA Group Limited, often known as AIA, is a Hong Kong-based American multinational insurance and finance corporation. It is the largest public listed life insurance and securities group in Asia-Pacific. It offers insurance and financial services, writing life insurance for individuals and businesses, as well as accident and health insurance, and offers retirement planning, and wealth management services, variable contracts, investments and securities.

Job ID: 144970073
