743 Security Implementation jobs in Singapore

Security Implementation Engineer (Technical Implementation)
WHO WE ARE:
Build. Scale. Sustain.
PALO IT is a global technology consultancy that crafts tech as a force for good. We design, develop and scale digital and sustainable products and services to unlock value across the triple bottom line: people, planet, profit. We do the right thing, and we do it right. We're proud to be a World Economic Forum New Champion, and a B Corp-certified company.
We are small enough to care locally, big enough to deliver globally (5 continents, 18 offices, +650 experts from +50 nationalities)
We are robust and resilient (100% independent and 0 debt)
We are entrepreneurs and passionate experts : We invest in what we believe genuinely and work as a collective intelligence
We are positive, courageous, caring, doers and committed to excellence
YOUR ROLE:
The Security Implementation Engineer will work on implementing, analyse and assess the security strategy of technology platform and at enterprise level.
YOUR RESPONSIBILITIES:
Implement security controls in cloud infrastructure (AWS, Azure, GCP), including services like AWS Inspector, GuardDuty, Security Hub, VPC, Security groups, WAF, AWS Config, Trusted Advisor.
Manage the security aspects of DevOps/DevSecOps including Infrastructure as Code (IaC) deployment.
Conduct vulnerability scanning (containers and infrastructure), threat modeling, and penetration testing.
Implement application security practices including secure code repositories, SAST, DAST, SCA tools, OWASP Top 10, and SANS 25 guidelines.
Manage identity and access management (IAM), privileged access management (PAM), and encryption mechanisms.
Operate and manage incident response processes, change management, business continuity planning (BCP).
Manage endpoint and on-premises security solutions.
Remaining up to date with the latest security systems, tools, trends, and technology.
WHO YOU ARE:
5+ years of practical hands-on experience in security engineering, cloud security implementation, and DevSecOps.
Proven experience in designing and deploying technical security solutions and controls in startup or dynamic environments.
In-depth technical understanding of cloud services (compute, containers, storage, network, monitoring).
Expertise with cloud security solutions and operational management (AWS, Azure, GCP).
Proficiency in vulnerability management tools, container registry scanning, and infrastructure scanning technologies.
Skilled in threat modeling and penetration testing (application and infrastructure).
Deep understanding of data governance practices, data lifecycle management, and data loss prevention (DLP).
Familiarity with scaling and capacity management techniques (auto-scaling).
Certifications recommended: CCSK, CCSP, AWS Security Specialty
You are passionate about technology and continuous learning comes naturally to you.
You have excellent interpersonal, oral/written communication and cross-group collaboration skills.
You are an independent thinker with a strong work ethic but also willing and able to conform to established architectural constraints.
We will be prioritizing applicants who have a current right to work in Singapore, and do not require sponsorship of a visa.
MORE ABOUT PALO IT:
We’re eager to adapt to change, learn from our experiences and move to meet our planet’s urgent needs. We are continuously taking action to:
Attain 50% of revenue from projects with a positive impact
Train 100% of our workforce on impact
Achieve B Corp certification among all our offices across the globe
Continuously measure & improve employee happiness
Our clients are amongst the world's most successful companies. We innovate with both established Fortune 1000s, SMEs and start-ups who aim to make an impact, become global leaders and address the world's most complex challenges.
What We Offer
Stimulating working environments
Unique career path
International mobility
Internal R&D projects
Knowledge sharing
Personalized training
For more on our team culture and benefits, check out ourcareers page .
PALO IT Singapore is an equal opportunity employer. Employment decisions will be based on merit, qualifications and abilities. Palo IT SG does not discriminate in employment opportunities or practices on the basis of race, colour, religion, sex, sexuality, national origin, age, disability, marital status or any other characteristics protected by law.
Protecting your privacy and the security of your data are longstanding top priorities for Palo-IT.
Your personal data will be processed for the purposes of managing Palo-IT’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results, and as is otherwise needed in the recruitment and hiring processes.
Please consult ourPrivacy Notice to know more about how we collect, use, and transfer the personal data of our candidates. Here you can find how you can request for access, correction and/or withdrawal of your Personal Data.
Create a Job Alert
Interested in building your career at PALO IT? Get future opportunities sent straight to your email.
Apply for this job
*
First Name *
Last Name *
Email *
Phone *
Location (City) *
Resume/CV *
Enter manually
Accepted file types: pdf, doc, docx, txt, rtf
Enter manually
Accepted file types: pdf, doc, docx, txt, rtf
Education
School Select.
Degree Select.
Select.
Select.
Start date year
End date month Select.
End date year
LinkedIn Profile
Website
How did you hear about this job?
Are you eligible to work in the country of the role that you applied for? * Select.
What are your annual salary expectations for your next role? *
Select.
Protecting your privacy and the security of your data are longstanding top priorities for Palo-IT.
Your personal data will be processed for the purposes of managing Palo-IT’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results, and as is otherwise needed in the recruitment and hiring processes.
Please consult our Privacy Notice to know more about how we collect, use, and transfer the personal data of our candidates.
Here you can find how you can request for access, correction and/or withdrawal of your Personal Data.
#J-18808-Ljbffr

S ecurity Engineers (1 year contract) who have the information security knowledge and can do the security project.

Security Engineer requirements:

• Degree in Computer Science, Computer Engineering or Information Security related fields.
• At least 5 years ’ experience as security engineer, with deep expertise in one or more security domains (endpoint, network, application, database, D ev S ec O ps ).
• At least 3 years ’ hands-on experience involved in security projects end-to-end or delivery.
• Familiar with some of the security domain tools – (Web Proxy, FIM, DLP, Email Gateway, AV, EDR, MDR, DDoS, IDS/IPS, API Security, SAST, SCA, Container Scan, DAST, IAST, RASP, CI/CD Security Gates, Load Balancer Security, PAM, KSM, HSM, Thread Modelling)
• Security certifications such CISSP, CISM, CCSP, CISA, AWS Certified Security are highly desirable.
• Technology pioneer for emerging technologies
• Experience in Security Engineering for Cloud workloads is an added advantage.

About the company

TMGM Singapore is a dynamic and rapidly growing startup within the global financial services industry. As part of a global company, TMGM Singapore offers a fast-paced, innovative environment with opportunities for growth and development.

We’re seeking a talented Security Engineer to join our team and play a vital role in protecting our systems, infrastructure, and data. In this role, you’ll be at the forefront of monitoring, investigating, and responding to threats, while also driving initiatives that strengthen our security posture. If you’re passionate about security, love problem-solving, and thrive in fast-paced environments, we’d love to hear from you.

Security Operations & Monitoring

• Monitor security alerts, logs, and incidents via SIEM tools and EDR platforms.
• Investigate security events and lead incident response activities.
• Maintain threat detection and prevention systems, including IDS/IPS, firewalls, and Zero Trust solutions.

Identity & Access Management (IAM)

• Implement and maintain RBAC, MFA, and least privilege access policies.
• Support integration of applications with SSO and SCIM where applicable.

Vulnerability & Risk Management

• Conduct regular vulnerability assessments and penetration testing.
• Remediate identified risks in collaboration with IT and development teams.
• Ensure compliance with frameworks such as SOC 2, ISO 27001, and GDPR.

Cloud & Network Security

• Apply security best practices across AWS, Azure, and other cloud platforms.
• Assist in the secure configuration of office network infrastructure, VPN, and Zero Trust access.

Policy & Governance Support

• Contribute to security policies, standards, and technical guidelines.
• Participate in security awareness training and phishing simulation programmes.

Collaboration & Projects

• Work alongside IT Operations to deploy and maintain security tools.
• Provide security expertise in projects, change management, and system upgrades.

• Minimum 3–5 years in security engineering or a related role, with proven success in incident response and security operations.
• Familiarity with ISO 27001, SOC 2, NIST, and GDPR.
• Proficiency with SIEM tools (Splunk, Microsoft Sentinel, ELK) and EDR platforms.
• Strong understanding of IAM, network security, and endpoint protection.
• Hands-on experience with AWS, Azure, or GCP.
• Knowledge of vulnerability scanning, remediation tools, and penetration testing practices.
• Strong problem-solving and analytical skills, with the ability to perform under pressure during incidents.
• Clear communication and stakeholder engagement abilities.

• Competitive salary and performance-based bonuses.
• Opportunities for career growth and development within a global company.
• Collaborative and inclusive work environment with exposure to cross-region operations.
• Health and wellness benefits.

Key Responsibilities

• Manage and maintain primary security systems including Rufus AV API, Ivanti endpoint management, Trend Micro Deep Security Manager, Trend Micro Apex One, GCC Trend Micro platforms, and Trellix Endpoint DLP solutions
• Provide secondary support for RSA two-factor authentication, CyberArk Enterprise/MEPS+/SWIFT environments, and Tenable vulnerability management systems
• Execute security infrastructure projects including CIS hardening implementations, system migrations, and platform consolidations
• Monitor and respond to security vulnerabilities and zero-day threats, implementing appropriate mitigation measures and patches
• Support system upgrades and migrations across multiple platforms whilst ensuring minimal disruption to business operations
• Deploy and configure security monitoring tools including File Integrity Monitoring (FIM) and Smart Protection Servers
• Collaborate with cross-functional teams including EDP/USC for endpoint security tool deployments and updates
• Maintain security compliance through regular system hardening, configuration management, and policy enforcement
• Participate in disaster recovery planning and contribute to architectural planning for managed security tools in cloud environments
• Provide technical documentation, standard operating procedures, and knowledge transfer to support team operations
• Respond to security incidents and provide after-hours support as required for critical security systems

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field
• Minimum 3-5 years of hands-on experience in cybersecurity operations and security tool management
• Proven experience with endpoint security platforms (Trend Micro, antivirus solutions)
• Experience with privileged access management systems (CyberArk preferred)
• Knowledge of vulnerability management tools and processes (Tenable, Nessus)
• Understanding of enterprise security frameworks and compliance requirements
• Experience with system administration on Windows and Linux platforms
• Familiarity with security incident response procedures and methodologies
• Strong analytical and problem-solving skills with attention to detail
• Ability to work independently and manage multiple concurrent projects
• Excellent communication skills for stakeholder engagement and technical documentation

• Master's degree in Cybersecurity or related advanced qualification
• Professional certifications such as CyberArk Defender/Sentry, CISSP, GCIH, or equivalent security certifications
• Experience with automation tools and scripting (Ansible, Python, PowerShell)
• Knowledge of cloud security platforms and hybrid infrastructure environments
• Familiarity with SIEM tools and security monitoring platforms
• Experience with Singapore Government security standards and compliance frameworks (IM8, CSA guidelines)
• Understanding of financial sector security requirements and regulations
• Project management experience and ability to lead technical initiatives

• Security Infrastructure Modernisation: Supporting ongoing platform migrations, system upgrades, and integration projects to maintain current security technology stack
• GCC Security Tool Migration: Contributing to the architectural planning and implementation of managed security tools in the Government Data Centre environment
• Endpoint Security Enhancement: Implementing advanced security measures including reference server setups, subnet blocking, and unauthorised access prevention
• Security Monitoring Expansion: Deploying File Integrity Monitoring solutions and enhancing visibility through integration with monitoring platforms like Techlens

Select how often (in days) to receive an alert:

• Incident Management: Respond to managed security technologies’ fault alerts and/or customer escalation. This includes performing incident/problem escalation within SLA to internal technical teams or external product vendor until resolution.
• Troubleshooting: Provide support for security solutions, including troubleshooting product-specific technical issues within SLA and work with internal teams/external vendors to resolve technical issues.
• Patch Management: Plan and apply regular updates to mitigate vulnerabilities and maintain system compliance.
• Service and Change Requests: Respond to inbound Change Requests (CRs), Service Requests (SRs) or other queries within SLA.
• System Monitoring: Continuously monitor security systems and perform regular health checks and tasks to ensure operational effectiveness.
• Collaboration: Work closely with IT and cybersecurity teams for reporting and to enhance security measures into ongoing operations.
• Proactive Measures: Stay current with the latest cybersecurity trends and implement proactive measures to improve security posture.
• Compliance: Ensure adherence to security standards and develop / update comprehensive documentation and guides.

• Bachelor’s degree or diploma in Computer Science, Information Technology, Cybersecurity, or a related field.
• 1-5 years of experience in IT or cybersecurity roles.
• Knowledge in AWS cloud native security tools and services such as AWS IAM, Firewall/WAF, GuardDuty, KMS etc.
• Practical working expertise with one or more of the following technologies: Imperva DAM, Cyberark, Trend Micro Cloud One, Web Gateway (i.e. McAfee) and AquaSec, Tenable
• Sound fundamental knowledge on IP networking (e.g. TCP/IP, routing, etc.) and Firewalls (e.g. Checkpoint, Fortigate)
• Strong analytical and problem-solving skills.
• Excellent communication and teamwork abilities.

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity —and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future .

Together, we make the extraordinary happen.

Learn more about us at ncs.co and visit our LinkedIn career site.

Mantle Network is an EVM-compatible Ethereum layer 2 (L2) ecosystem designed to enhance scalability and efficiency on the Ethereum blockchain. Our ecosystem includes Mantle Network, a decentralized autonomous organization (DAO) called Mantle Governance, and an Ether (ETH) liquid staking protocol, Mantle LSP.

The Mantle token ($MNT) is central to our ecosystem, serving as both the product and governance token, seamlessly linking the various network elements.

According to L2BEAT, Mantle Network is ranked as the eighth largest L2 network by total value locked (TVL), making it one of the most prominent L2 solutions. Mantle LSP ranks as the fourth largest liquid staking protocol by TVL, as per DefiLlama. Mantle also boasts one of the world's largest treasuries, valued at $3.8 billion, leveraging this to incentivize ecosystem growth.

• Identify requirements risks and conduct security reviews during the development process, including code audits, pre-release testing, and post-launch risk monitoring.
• Follow up on security vulnerabilities and alerts, assisting in fixing issues until resolution.
• Provide security training for developers and offer effective solutions for security issues in code.
• Respond to security incidents promptly to resolve issues.
• Continuously monitor and analyze security intelligence, performing risk alerts.
• Coordinate regularly with business units to update on security status, requirements, and standards, ensuring implementation.

• Bachelor's degree or above with over 5 years of experience in penetration testing and code auditing.
• Proficiency in at least one programming language (e.g., Node.js, Golang).
• Knowledge of security incident response techniques and procedures.
• Familiarity with penetration testing, APT attack-defense techniques, and internal network penetration (including lateral privilege escalation, evasion techniques, tunneling, etc.).
• Understanding of common internet business security design and data security best practices.
• Familiarity with encryption algorithms, TLS, OAuth, JWT, and related technologies.
• Knowledge of major public blockchains (BTC/ETH) and digital currency wallet principles.
• Proactive thinking and strong learning ability.

• Experience with threat modeling, SDL/devsecops practices.
• Experience with APT tracing.
• Development experience with security tools and platforms.
• Experience in emergency response planning, ongoing intelligence tracking, and operational activities.

If you believe you have valuable experience to contribute but do not meet all criteria, we still welcome your application. We consider all candidates.

Overview

Join to apply for the Security Engineer role at DXC Technology .

3 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

• Monitor and manage security infrastructure and tools in scope (e.g., AV, DLP, EDR, DAM, PKI, PAM, HSM, Vulnerability Scanner, SIEM)
• Receive and respond to security incidents and events via established workflows and automation tools
• Support configuration and troubleshooting of infrastructure security solutions, including:
• DLP, AV, HIPS (Trellix)
• EDR (Carbon Black)
• DAM (Imperva)
• SLIFT encryption
• Log and SIEM (Splunk)
• Microsoft CA PKI
• RSA 2FA and CyberArk (PAM)
• Act as the escalation point for infrastructure-related incidents during office hours and provide standby/on-call support
• Assist in analysis, containment, and remediation of security incidents
• Prepare and maintain incident records, reports, and lessons learned documentation

• Security Operations & Implementation
• Monitor and manage security infrastructure and tools in scope (e.g., AV, DLP, EDR, DAM, PKI, PAM, HSM, Vulnerability Scanner, SIEM)
• Receive and respond to security incidents and events via established workflows and automation tools
• Support configuration and troubleshooting of infrastructure security solutions, including:
• DLP, AV, HIPS (Trellix)
• EDR (Carbon Black)
• DAM (Imperva)
• SLIFT encryption
• Log and SIEM (Splunk)
• Microsoft CA PKI
• RSA 2FA and CyberArk (PAM)
• Luna HSM (Thales)
• Tenable Nessus SC

• Act as the escalation point for infrastructure-related incidents during office hours and provide standby/on-call support
• Assist in analysis, containment, and remediation of security incidents
• Prepare and maintain incident records, reports, and lessons learned documentation

• Conduct regular vulnerability scans and assist with patching/remediation coordination
• Maintain awareness of known threats and assist in threat hunting activities
• Help maintain the security risk register and support identification of recurring issues or weak points

• Generate and maintain standard operating procedures (SOPs), knowledge articles, and technical documentation
• Support the development of regular service and incident reports
• Assist in compliance reporting and audits

• Engage with internal and client teams to understand business requirements and provide technical support
• Maintain awareness of industry trends and security best practices
• Participate in training to improve knowledge of tools and response processes

• Degree or diploma in Information Technology, Cybersecurity, or related field
• 1+ year experience in IT or security operations (internship, NOC, SOC, or IT support roles are acceptable)
• Familiarity with security concepts, tools, or certifications (even entry-level) is a strong plus
• Familiarity with network and host security technologies (EDR, AV, HIPS, DLP, Firewalls)
• Basic understanding of SIEM platforms (e.g., Splunk), PKI, and log correlation
• Experience in working with or supporting some of the following:
• Trellix Endpoint Security (AV, DLP, HIPS)
• Carbon Black EDR
• Imperva DAM
• Microsoft PKI and Certificates
• CyberArk and RSA 2FA
• Tenable Nessus Security Center
• Luna HSM (Thales)

• Understanding of information security principles, CIA triad, and risk assessment basics
• Exposure to Windows and Linux environments
• Ability to create basic documentation and reports
• Willingness to take initiative and learn from senior engineers

• CompTIA Security+
• Microsoft SC-900 / AZ-900
• EC-Council CEH (or equivalent)
• Any vendor training (e.g., Trellix, Carbon Black, Splunk Fundamentals)

• Based in client or office site (hybrid possible depending on project)
• Standard office hours, Mon–Fri
• Participation in standby/on-call roster for incident response and escalations

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.

• Entry level

• Full-time

• Information Technology

• IT Services and IT Consulting

Referrals increase your chances of interviewing at DXC Technology by 2x

Get notified about new Security Engineer jobs in Singapore, Singapore .

Overview

Join to apply for the Security Engineer role at DXC Technology

Get AI-powered advice on this job and more exclusive features.

• Monitor and manage security infrastructure and tools in scope (e.g., AV, DLP, EDR, DAM, PKI, PAM, HSM, Vulnerability Scanner, SIEM)
• Receive and respond to security incidents and events via established workflows and automation tools
• Support configuration and troubleshooting of infrastructure security solutions, including DLP, AV, HIPS (Trellix), EDR (Carbon Black), DAM (Imperva), SLIFT encryption, Log and SIEM (Splunk), Microsoft CA PKI, RSA 2FA and CyberArk (PAM)
• Act as the escalation point for infrastructure-related incidents during office hours and provide standby/on-call support
• Assist in analysis, containment, and remediation of security incidents
• Prepare and maintain incident records, reports, and lessons learned documentation
• Luna HSM (Thales) and Tenable Nessus SC knowledge as applicable

• Degree or diploma in Information Technology, Cybersecurity, or related field
• 1+ year experience in IT or security operations (internship, NOC, SOC, or IT support roles are acceptable)
• Familiarity with security concepts, tools, or certifications (even entry-level) is a strong plus
• Familiarity with network and host security technologies (EDR, AV, HIPS, DLP, Firewalls)
• Basic understanding of SIEM platforms (e.g., Splunk), PKI, and log correlation
• Experience in working with or supporting some of the following: Trellix Endpoint Security (AV, DLP, HIPS), Carbon Black EDR, Imperva DAM, Microsoft PKI and Certificates, CyberArk and RSA 2FA, Tenable Nessus Security Center, Luna HSM (Thales)

• Understanding of information security principles, CIA triad, and risk assessment basics
• Exposure to Windows and Linux environments
• Ability to create basic documentation and reports
• Willingness to take initiative and learn from senior engineers

• CompTIA Security+
• Microsoft SC-900 / AZ-900
• EC-Council CEH (or equivalent)
• Any vendor training (e.g., Trellix, Carbon Black, Splunk Fundamentals)

• Based in client or office site (hybrid possible depending on project)
• Standard office hours, Mon–Fri
• Participation in standby/on-call roster for incident response and escalations

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services. DXC does not make offers of employment via social media networks and DXC never asks for money or payments from applicants at any point in the recruitment process. More information on employment scams is available here.

• Entry level

• Full-time

• Information Technology

• IT Services and IT Consulting