About Sembcorp
Sembcorp is a leading energy and urban solutions provider headquartered in Singapore. Led by its purpose to drive energy transition, Sembcorp delivers sustainable energy solutions and urban developments by leveraging its sector expertise and global track record.
Role Purpose
We are seeking a highly technical, forward-thinking Cyber Assurance Analyst to join our cybersecurity team. In this role, you will be responsible for validating the design and operational effectiveness of our security controls across our entire enterprise landscape. This includes our complex multi-cloud infrastructure (Azure, Google Cloud, Huawei Cloud), our advanced security technology stack, and the global end-user computing environment.
This position requires a hands-on technical practitioner who understands how to test system configurations and leverage Artificial Intelligence (AI) to automate and accelerate the assessment lifecycle.
Key Responsibilities
- Conduct hands-on technical validation of security controls across Azure, Google Cloud (GCP), and Huawei Cloud environments.
- Validate the effectiveness of critical defense platforms including Next-Gen SIEM/SOAR, EDR/NDR, WAF, SASE, CSPM, and Threat Intelligence integrations.
- Assess controls protecting endpoints, mobile devices, identity and access management (IAM), and remote access protocols (Zero Trust/ZTNA).
- evaluate the configuration and enforcement of PAM solutions (e.g., LAPS, enterprise vaulting solutions) to ensure least-privilege principles are maintained.
- Evaluate architectures and deployments against industry best practices and frameworks (e.g., NIST, CSA CCoP).
- Leverage AI tools to accelerate control mapping, evidence gathering, log analysis, and risk scoring.
- Develop scripts and utilize AI to automate repetitive assurance tasks.
- Translate complex technical findings from cloud, security stack, and endpoint assessments into clear, risk-based reports for stakeholders and executive leadership.
- Identify control gaps and misconfigurations. Work closely with Cloud Architecture, IT Infrastructure, and Security teams to drive actionable remediation plans.
- Continuously refine the cyber assurance methodology, utilizing AI insights to reduce assessment cycle times and improve the accuracy of control health metrics.
Qualifications, Skills & Experience
- Minimum 5 years experience in IT Security, Risk and Compliance.
- Knowledgeable in security standards or regulations such as NIST CSF, ISO 27001, SOC2, CCOP (SG), PDPA (SG), GDPR(EU), MLPS(CN), Security by Design.
- Security Technology Stack: Hands-on experience operating, configuring, or auditing enterprise security tools such as EDR/NDR, Next-Gen SIEM/SOAR, SASE, WAF, and PAM solutions.
- Multi-Cloud Expertise: Technical understanding of native security controls, architecture, and deployment models in Microsoft Azure and Google Cloud Platform (GCP). Familiarity with Huawei Cloud or Cloud Security Posture Management (CSPM) platforms is highly desirable.
- End-User Security: Strong understanding of endpoint hardening (Windows/macOS), Mobile Device Management (MDM), Identity Providers (IdP), and secure remote access architectures.
- Control Validation: Proven experience practically testing controls (e.g., querying cloud APIs, testing EDR detection capabilities, reviewing IAM policies, analyzing network flow logs) rather than relying solely on policy reviews.
- Experience using AI to optimize work processes, summarize data, or generate automation scripts.
- Familiarity with OT/ICS security standards or OT monitoring tools is a plus.
- Independent worker with initiatives, positive attitude, and team player.
- Good analytical skills and attention to details
- Good verbal and written communication
- Planning and organizational skills
- Presentation skills
Our Culture at Sembcorp
At Sembcorp, our culture is shaped by a strong set of shared behaviours that guide the way we work and uphold our commitment to driving the energy transition.
We foster an institution-first mindset, where the success of Sembcorp takes precedence over individual interests. Collaboration is at the heart of what we do, as we work seamlessly across markets, businesses, and functions to achieve our goals together. Accountability is a core principle, ensuring that we take ownership of our commitments and deliver on them with integrity and excellence. These values define who we are and create a workplace where our people can thrive while making a meaningful impact on driving energy transition.
Join us in making a real impact!
