SENIOR PLATFORM & SECURITY ENGINEER - DIGITAL SERVICES & TECHNOLOGY OFFICE

[What the role is]

To design, build, secure, and operate the Enterprise Data & AI platform, ensuring it is reliable, cost-efficient, and compliant with enterprise governance standards. This role owns both the technical platform layer (clusters, jobs, CI/CD, monitoring) and the security layer (encryption, IAM, audit).

This is a 2-year contract position with the Digital Services & Technology Office.

[What you will be working on]

Platform Operations

• Configure and maintain Enterprise Data and AI platform (e.g. Databricks workspaces, clusters, SQL warehouses, endpoints and workflows).
• Automate provisioning and deployments using Terraform, Databricks CLI, or APIs.
• Design and govern CI/CD frameworks used by Data Engineers for ETL/ML deployments, ensuring secure, compliant, and automated delivery workflows.
• Monitor platform usage, cost trends, and optimize performance of workloads.
• Maintain platform reliability and meet defined uptime and service-level objectives.
  
  

Security Engineering

• Implement and maintain security controls for the enterprise data platform, including encryption, secrets management, and secure access patterns.
• Define and enforce role-based and attribute-based access policies across data assets and cloud compute resources.
• Configure secret scopes and secure service principal access.
• Monitor platform audit and activity logs to detect policy violations, anomalous access, and compliance risks.
• Ensure platform operations align with NP's security, compliance, and regulatory requirements (e.g., IM8, NIST, GDPR. PDPA where applicable).
  
  

Collaboration

• Work closely with Data Engineers, Governance Leads, and Analysts to ensure data pipelines, workflows, and products adhere to security and platform standards.
• Work closely with CI/CD team to integrate monitoring and alerting into observability stack.
• Advise leadership on platform performance and security posture and risks, optimisation opportunities, as well as compliance gaps.
  
  

[What we are looking for]

• 35 years in cloud platform engineering or security engineering.
• Proven experience managing and securing large-scale data or ML platforms.
• Prior work in regulated industries (finance, healthcare, government) is a plus.
  
  

Skills & Certifications

• Certifications:
• Degree or Diploma in Computer Science, Computer Engineering, Information Technology or equivalent.
• Cloud security certs: Azure Security Engineer Associate / AWS Security Specialty / GCP Security Engineer.
• Infrastructure-as-code: Terraform or equivalent.
• Databricks Certified Administrator or Databricks Security Engineer is a plus
• Technical Skills:
• Cloud IAM, KMS, VPC/VNet, firewall/security groups.
• Encryption standards (AES, envelope encryption).
• CI/CD (Azure DevOps, GitHub Actions, Jenkins).
• Databricks platform administration (clusters, jobs, SQL warehouses, UC integration).
• Other Skills:
• Strong knowledge of monitoring/observability stacks (e.g. Azure Monitor).
• Incident response and audit log analysis.
• Experience in GCC/GCC2.0 is a plus.
  

Attributes

• Reliability-focused and security-first mindset with attention to detail.
• Strong collaborator with engineering, governance, and leadership.
• Proactive in risk identification and mitigation.
• Balanced approach: performance and cost optimization while ensuring compliance.