Security Operations Engineer, Singpass
Mapletree Business City, Block 10, Level 10, Singapore
The Singapore Public Service
At GovTech, we offer you a purposeful career to make lives better where we empower our people to master their craft through robust learning and development opportunities all year round.
Play a part in Singapore’s vision to build a Smart Nation and embark on your meaningful journey to build tech for public good. Join us to advance our mission and shape your future with us today!
Learn more about GovTech at tech.gov.sg.
Singpass is a division under GovTech.
The Singpass team builds and maintains Singapore's digital identity system. This includes various personal authentication protocols, data sharing tools, and corporate identity systems through Corppass. The team's mission is to provide reliable digital identity infrastructure that streamlines transactions, enables businesses, and protects against fraud.
What you will be doing
As a Security Operations Engineer, you will lead the implementation of security best practices across Singpass's product engineering teams through scalable, programmatic approaches. You'll be instrumental in building security frameworks that can be easily adopted through SDKs and templates, while maintaining vigilance over our security posture.
Key Responsibilities
Designing and implementing security frameworks that can be distributed as SDKs or templates across product engineering teams
Implementation and operation of our SIEM/SOAR capabilities, including log aggregation, correlation rules, and automated response playbooks
Implementing zero-trust security principles and defence-in-depth strategies
Coordinating security testing (e.g., red teaming, VA, PT, etc.) with security testers and implementing measures to remedy or mitigate findings.
Building automated security testing into CI/CD pipelines
Establishing robust secret management and key rotation practices
Developing and maintaining security documentation and training materials
Managing resolution of vulnerabilities reported via the government bug bounty programme
Maintaining the security architecture and security posture of the overall system based on security principles such as defence-in-depth, secure-by-default, and least privilege
Mentoring team members and promoting security best practices
Managing relationships with external security vendors and stakeholders
Building and maintaining security automation tools and frameworks
Implementing and tuning detection engineering using Sigma rules
Responding to and investigating security incidents using incident response frameworks
Performing threat modelling and risk assessment on changes (e.g., adding new features / components, replacing or removing components) that may impact the security of the system.
Collaborating with cross-functional teams to implement security controls
Participating in 24/7 on-call rotation for security incidents
Working closely with the CISO on strategic security initiatives
Creating and maintaining security runbooks and documentation
What we are looking for
Technical Skills:
Strong programming skills in Golang and TypeScript
Able to define cloud security architecture and configure the security of AWS services.
Hands-on experience with SIEM/SOAR implementations (experience with Datadog CloudSIEM and GCP SecOps SIEM/SOAR is a plus)
Proficiency in container security and Kubernetes security practices
Ability to implement infrastructure-as-code (e.g., Terraform, Pulumi).
Strong understanding of OAuth 2.0, OIDC, and PKI infrastructure
Knowledge of web security (OWASP Top 10, secure coding practices)
Ability to work with security tooling such as secrets stores and endpoint detection and response.
Ability to develop and maintain security tooling and automation
Experience with security incident response and blue team operations
Knowledge of modern security threats and mitigation strategies
Professional Experience:
Proven track record in implementing security controls at scale
Experience in security architecture and design
Background in developing security frameworks or SDKs
Strong understanding of compliance frameworks and security standards
Experience with threat modelling methodologies (e.g. STRIDE, PASTA)
Experience in mentoring and knowledge sharing
Soft Skills:
Excellent stakeholder management abilities
Strong change management skills
Ability to influence and drive adoption across multiple teams
Clear communication skills for technical and non-technical audiences
Proven ability to work in cross-functional environments
Analytical mindset with strong problem-solving abilities
Additional Requirements:
Willingness to participate in 24/7 on-call rotation
Security certifications (CISSP, OSCP, AWS Security Specialty) are a plus
Experience with Python is beneficial
Understanding of compliance frameworks (ISO 27001, SOC2) is advantageous
Familiarity with digital identity systems and authentication protocols
Qualifications:
Degree in Computer Science, Information Security, or related field
Minimum 5 years of relevant experience in security engineering or operations
Experience is valued over certifications
Reporting Structure:
Reports directly to the CISO
Works as part of the Security Operations team within a broader overseer team of SREs and Platform Infrastructure engineers
GovTech is an equal opportunity employer committed to fostering an inclusive workplace that values diverse voices and perspectives, as we believe it is key to innovation.
Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks.
We champion flexible work arrangements (subject to your job role) and trust you to manage your time to deliver your best.
Learn more about life inside GovTech at go.gov.sg/GovTechCareers.