#SGUnitedJobs Team Lead (Application Security)

  • Job Category
    Information Technology, Public / Civil Service
  • Job level
    Middle Management
  • Contract type
    Full Time

Job Description

The Clusters and Technology Management Office (CTMO) is spearheading the adoption of leading application security (Application Security) practices, standards and solution to fundamentally secure application software developed by our various application project/product teams.

As our Senior Application Security specialist, you will lead our Application Security team and be responsible for planning our Application Security roadmap, standardisation of our Application Security practices and solutions, and delivery of Application Security professional services to our application teams. The Application Security professional services range from providing project-based Application Security consultancy, delivery of security assessments to training GovTech officers to uplift their Application Security capabilities.    

What to Expect:

  • Study and propose Application Security roadmap to uplift the way apps security is practised today.  

  • Develop secure application development practices, standards, guidelines and solutions with the aim to standardise and raise the Application Security practices of our application teams.  

  • Develop Application Security requirement specifications that can be adopted by application development & maintenance tenders as the baseline application security requirements for contractors.

  • Promote the adoption of leading Application Security practices and solutions among agency apps teams in line with the current development in the Application Security space.

  • Perform Application Security assessments for selected applications using a combination of threat modelling, vulnerability research, code scanning, application security testing and recommendation of proper remediation actions.

  • Define the communication and education framework to raise the Application Security awareness, capabilities and competencies of GovTech officers.

How to Succeed:

  • Degree in Computer/Computer Science or Electronics Engineering or Information Technology or equivalent. 

  • Minimum 8 years of work experience in with at least 2 years of relevant experience in (web or mobile-based application security). 

  • Familiar with application security review and testing approaches/methodologies in both waterfall and agile application development.

  • Familiar with the concept of CI/CD and DevOps, and how security testings can be integrated and automated as part of software delivery pipelines.  

  • Experience as penetration tester and source code reviewer is an added advantage.

  • Excellent written, verbal communication, presentation and negotiation skills.

  • Singapore Citizen only.

Closing on 24 May 2021