#SGUnitedJobs Senior Cybersecurity Consultant (GDS)

GOVERNMENT TECHNOLOGY AGENCY
  • Job Category
    Information Technology, Public / Civil Service
  • Job level
    Middle Management
  • Contract type
    Full Time

Job Description

GovTech’s Government Digital Services (GDS) aims to spearhead the digital transformation of the Government. As part of this progressive group, you will join a multi-disciplinary team to modernize the way digital applications and services are developed, deployed and maintained across the Whole-of-Government. Our objective is to augment engineering teams with platforms and services that shortens time-to-market and improves operational agility. We employ DevOps principles and ‘shift-left’ technologies in creating solutions in areas like continuous integration/deployment, data sharing as well as applications observability, testing and security.
 
If you are looking for opportunities to collaborate with industry experts and work with highly motivated peers, we welcome you to join GDS Engineering Productivity (ENP).This is an exciting position with many opportunities for groundbreaking contributions. You will be a consultant in the team who knows what needs to be in place to enable the platform to work, while managing security risks.
 
What you’ll be doing:
● Work with stakeholders such as developers, infrastructure and platform engineers, etc. to achieve security objectives in an Agile setting
● Lead and hold discussions to coordinate and plan for timely security assessments
● Conduct security risk assessments at various levels – application, infrastructure, network, etc.
● Set up and use security assessment tools, if required
● Work with engineers and developers to remediate security risks from assessments
● Consolidate and report metrics for security risk assessments
● Review and manage change requests from a security risk perspective in an Agile setting
● Enhance visibility and track security assessments by integrating with ticketing tools
● Explore, use and deploy new security assessment tools to meet necessary security objectives
 
What we’re looking for:
● Minimum of 7 years’ experience with cybersecurity consultancy or related scope of work
● Passion in driving for DevSecOps (and/or DevOps) transformation
● Passion for automation and security best practices
● Experience with Source Code Review in an enterprise setting
● Experience with Penetration Testing in an enterprise setting
● Experience with Application Development in an enterprise setting
● Experience with DevOps toolset like JIRA, BitBucket, Confluence
● Experience with designing and architecting systems in an enterprise setting
● Experience with Agile - Software Development Lifecycle
● Experience with cloud providers like AWS, GCP, Azure
 
Added advantage if you possess the following:
● Experience with these security tools in the enterprise setting: o Hashicorp Vault, Splunk Enterprise, Tenable, HP Fortify, Sonatype Nexus IQ
● Experience with security assessments pertaining to government projects
● Security certifications or qualifications
● Experience with continuous integration and continuous delivery /deployment methodology
● Worked for an organization which succeeded DevSecOps transformation
 

Closing on 24 May 2021