Job description:
Position Summary
Being a leading payment infrastructure provider in Singapore, NETS develops and operates many mission-critical financial services that is used by the population in Singapore. The Security By Design Architect plays a critical role in helping to ensure Security By Design principles are closely adhered to in the design and implementation of these financial services.
Responsbiltites
- Security by Design
- End-to-end accountability of the overall security design of financial services projects.
- Collaborate with project teams to ensure that security requirements are considered and assessed from the outset of each project.
- Test and verify that the security requirements are properly implemented.
- Establish secure design patterns for applications to follow a well-defined template to ensure application security.
- Evaluate existing system security postures and recommend enhancements
- Familiarity with DevSecOps and Shift-Left security principles.
- Security Engineering Subject Matter Expert
- Keep on top of developments in cyber threats and advances in security protection
- Provide expert guidance and support to development teams on secure coding practices, security testing, and vulnerability management.
- Familiarity with security engineering and design principles across applications, databases, infrastructure and network
- Risk Management and Compliance
- Ensure compliance with relevant regulatory requirements and industry standards.
- Conduct thorough security risk assessments and threat modelling for new and existing projects.
- Provide support for internal and external Audits and provide defence and explanations to the soundness of the security design of the systems.
- Collaboration and Communication
- Collaborate with cross-functional teams to ensure the success and security of system implementations.
Requirements
- Degree in Computer Science, Computer Engineering or Information Security related fields.
- At least 5 years experience in security engineering, with deep expertise in one or more security domains.
- Broad appreciation of overall security architecture and how various security technologies interact to achieve overall security defence.
- At least 3 years experience in Application Security.
- Security certifications such CISSP, CISM, CCSP, CISA, AWS Certified Security - Specialty are highly desirable.
- Experience in Cloud Security is a must.
- Familiarity with MAS TRM, PCI DSS and PCI PTS is a must.
- Familiarity with various payment and Card specifications, standards and protocols is an advantage.