We are seeking a Senior Specialist – Cybersecurity Architect with expertise in application, data, middleware, platform and infrastructure security to join our team. In this role, you will serve as a trusted cybersecurity advisor for new initiatives and projects; while also playing a key role in enhancing and optimizing existing security setups to ensure they meet industry standards and align with organizational objectives.
Security Architecture and Advisory
- To lead solutioning partnerships with stakeholders from IT, OT and business to define and deliver emerging security reference architectures and solutions.
- Lead security design reviews and provide technical guidance to project teams throughout the software development lifecycle and implement security by design principles
- Front technical discussions on cybersecurity-related matters and other emerging technology domains with stakeholders in Infra, application development and enterprise architect teams.
- Recommend and drive cybersecurity solution and initiatives to improve the cybersecurity posture of the organisation.
- Evaluate and recommend technologies and tools to establish and maintain the desired security posture across various technology stacks, including infrastructure, applications, and data.
Application and Data Security
- Define and implement secure design practices for data and APIs, ensuring proper authentication, authorization, and protection from common threats.
- Implement application security best practices, including secure coding standards, threat modelling, and vulnerability assessments.
- Guide and contribute application and data security design approaches, ranging from high level overview to deep dive into implementation details
Infrastructure Security
- Collaborate with IT Infrastructure teams to ensure secure configurations, and implement servers, networks and endpoints security best practices.
- Collaborate with OT/ICS teams to strengthen security controls for industrial systems.
Compliance and Governance
- Keep abreast of the cybersecurity trends, industry standards and new technology to improve security maturity within Jurong Port
- Perform security reviews, identifying gaps in security architecture, and developing a security risk management plan for Jurong Port, ensuring that the developed systems and architecture are consistent with the organisation’s cybersecurity policy.
- Define and manage architecture artefacts such as standard operating procedures documents, application security guides, reference documents, blueprints, technical and non-technical security requirements.
- Ensure compliance with cybersecurity frameworks such as NIST CSF, regulatory requirement such as CCoP, and relevant data protection regulations.
Qualifications:
- Bachelor’s degree in Information Technology, Computer Science, Engineering or its equivalent.
- Minimum of 5+ years of experience in cybersecurity, with a focus on application and data security.
- Hands-on experience designing secure systems and architectures for cloud, on-premises, and hybrid environments.
- Experienced in Security by Design principles and DevSecOps practices.
- Knowledge of industry standards such as NIST Cybersecurity Framework, CIS and CCoP.
- Relevant certifications such as GIAC, CISSP, CISM, CCSP, AWS Certified Security or similar are highly desirable
- Capable of working independently with minimum supervision.
- Good verbal and written communication skills to effectively engage both technical and non-technical stakeholders.
- Experience in technology and tools evaluation and recommendation in any or all areas of security from infrastructure to application.
