341 Security Information jobs in Singapore

Cybersecurity Engineer (Web Security) - Information Security (Campus Recruitment 2026)
Join to apply for the
Cybersecurity Engineer (Web Security) - Information Security (Campus Recruitment 2026)
role at
Shopee
Cybersecurity Engineer (Web Security) - Information Security (Campus Recruitment 2026)
Join to apply for the
Cybersecurity Engineer (Web Security) - Information Security (Campus Recruitment 2026)
role at
Shopee
About The Team
The Engineering and Technology team is at the core of the Shopee platform development. The team is made up of a group of passionate engineers from all over the world, striving to build the best systems with the most suitable technologies. Our engineers do not merely solve problems at hand; We build foundations for a long-lasting future. We don't limit ourselves to what we can or can't do; we take matters into our own hands, even if it means drilling down to the bottom layer of the computing platform. Shopee's hyper-growing business scale has transformed most "innocent" problems into huge technical challenges, and there is no better place to experience it first-hand if you love technologies as much as we do.
About The Team
The Engineering and Technology team is at the core of the Shopee platform development. The team is made up of a group of passionate engineers from all over the world, striving to build the best systems with the most suitable technologies. Our engineers do not merely solve problems at hand; We build foundations for a long-lasting future. We don't limit ourselves to what we can or can't do; we take matters into our own hands, even if it means drilling down to the bottom layer of the computing platform. Shopee's hyper-growing business scale has transformed most "innocent" problems into huge technical challenges, and there is no better place to experience it first-hand if you love technologies as much as we do.
Job Description
Embed security principles into the design of system architectures to mitigate the risks posed by new technologies and business practices.
Leverage security research, security assessment, operations, and incident response to ensure security across different products and systems.
Stay updated with industry trends and continuously improve the security of the company.
Requirements
Bachelor's degree in Computer Science, Engineering, or related fields, graduating from December 2025 to May 2026.
Proficient in OWASP TOP 10 vulnerabilities, with a comprehensive understanding of their root causes and remediations.
Skilled in black box testing methodologies, capable of independently conducting source code audits or system security assessments.
Familiar with common business logic vulnerabilities, such as broken authentication and permission control, and with experience in independently exploring business logic vulnerabilities.
Extensive experience in vulnerability mining, code auditing, and implementing security solutions.
Proficient in at least one programming language, such as Java, Python, PHP, Go, C, etc., with the ability to read design documents and related code.
Bilingual in Mandarin and English is a plus to facilitate cross-border communication with the stakeholders in China
Seniority level
Seniority level Entry level
Employment type
Employment type Full-time
Job function
Job function Information Technology
Industries Software Development, Internet Marketplace Platforms, and Technology, Information and Internet
Referrals increase your chances of interviewing at Shopee by 2x
Get notified about new Cyber Security Engineer jobs in
Singapore, Singapore .
Information Technology - Cyber Security Analyst (Scoot)
Graduate Hiring - Cybersecurity Engineer
Information Security Analyst Level I or II - SIEM, Tues-Sat 7am-3pm
Information Technology - Cyber Security Engineer (Threat Management and Incident Response) (Scoot)
Security Engineer (SOC Analyst) - Digital Bank
South East Community Development Council, Singapore 1 week ago
Information Technology - Cyber Security Lead Engineer
Senior Cybersecurity Engineer (Endpoint Protection, Detection and Response)
Information Technology - Cyber Security Specialist (Risk and Governance)
Offensive Security Engineer (Red Team) - Information Security
Information Technology Security Engineer
Data Center Security Specialist, Data Center Security
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr

Take on a crucial role where you'll be a key part of a high-performing team delivering secure software solutions. Make a real impact as you help shape the future of software security at one of the world's largest and most influential companies.

As a Security Engineer III - Cloud and Infrastructure at JPMorgan Chase within the Cybersecurity & Technology Controls, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions.

Job responsibilities

• Design, implement, and maintain security solutions for an enterprise-scale environment

• Understand the functions of systems engineering, systems integrations, and systems administration roles

• Execute on key deliverables in the security engineering space

• Design and develop production deployments with the ability to think beyond routine or conventional approaches in order to deliver technology solutions for key stakeholders

• Develop secure and high-quality production code and review and debug code written by others

• Implement complex business logic in Python, Bash, PowerShell, and other scripting languages

• Engage effectively with third-party vendors in communicating and collaborating with a broad range of internal teams

• Minimize security vulnerabilities by following industry insights and government regulations to continuously evolve security protocols, including creating processes to determine the effectiveness of current controls

• Work with stakeholders and business leaders to understand security needs and recommend business modifications during periods of vulnerability

Required qualifications, capabilities, and skills

• Bachelor’s Degree in Computer Science, Cybersecurity, Data Science, or related disciplines

• Formal training or certification on security engineering and/or cybersecurity concepts and 3+ years applied experience

• Experience with cloud engineering, deployment engineering, DevOps engineering, or equivalent

• Specific experience deploying commercial software at scale into an enterprise environment

• Demonstrated skills in planning, designing, and implementing enterprise level security solutions

• Demonstrate strong working knowledge of Windows and Linux systems internals

• Strong experience defining and implementing infrastructure as Code (IaC), working with CI/CD pipelines, and associated automation tooling

• Commanding knowledge of a programming/scripting language for automation and integration tasks

• Proficiency in all aspects of the Software Development Life Cycle & Cloud Technologies (e.g., AWS security)

• Strong analytical experience with problem solving mindset and the ability to solve complex challenges

• Advanced understanding of agile methodologies such as CI/CD, Application Resiliency, and Security

Preferred qualifications, capabilities, and skills

• Cloud computing related certifications with an AWS focus are strongly preferred (i.e., Certified Solutions Architect, DevOps Engineer, etc.) or similar

• Experience effectively communicating with senior business leaders

To apply for this position, please use the following URL:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us

Job Description:

The Identity Defense team aims to mitigate incidents through monitoring of network account usage, authentication activities and authentication behaviors. The team is responsible to reduce the risk associated with misuse or illicit use of accounts which grant access to Bank of America's workforce network. An Identity Defense analyst is accountable for researching, designing, engineering, implementing, and supporting solutions to prevent and detect anomalous use of accounts.

Responsibilities:

The Identity Defense Specialist will support design efforts to build out new processes, controls, and supporting governance related to implementation of human and non-human account monitoring to protect the Bank. You will utilize in-depth technical knowledge and business requirements to help implement scalable solutions, inclusive of monitoring, alerting, and escalation frameworks focused on core account protections. Leveraging your knowledge of both common and emerging threats related to account take-over, you will have an opportunity to proactively develop, implement, and influence controls and policy within the digital identity domain. You will partner with leaders from line of business organizations to triage security events and report on impacting security incidents.

The Analyst will regularly collaborate with experts in and out of our team, both in country and in other regions, so excellent communication skills are very important. The role will also involve discussion with employees as part of alert analysis and disposition. If you are seeking a demanding role within Global Information Security (GIS) and have the required skills, this will be a great opportunity for you. Typically, applicants should have 3+ years of cybersecurity or engineering experience. Responsibilities include, but are not limited to:

• Actively investigate alerts related to potentially anomalous behavior/activity.
• Confidently and professionally interview/question users to determine or confirm root cause.
• Communicate effectively with response and business partners.
• Build and monitor Splunk alerting and dashboards.
• Identify areas for further process automation, simplification, and improvement.
• Provide status updates for executives and stakeholders in non-technical terms encompassing risk, impact, containment, remediation, etc.
• Risk management.
• Comprehensively document analysis, investigative activities, actions, etc.

Required Skills:

• 3+ years of experience with cloud information security related activities.
• 3+ years of experience in an operations focused cloud information security role.
• Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents.
• Ability to analyze data and evaluate relevance to a specific incident under investigation.
• Ability to handle multiple competing priorities in a fast-paced environment; ability to be decisive and take action without causing an undue delay.
• Ability to exercise independent judgment when responding to alerts.
• Ability to communicate effectively across all levels of the organization, to both technical and non-technical audiences.
• Familiarity with security vulnerabilities exploits and hacker techniques.
• Familiarity identity management standards, social engineering TTPs, and the incident response lifecycle.
• Familiarity with Splunk, and the ability to build queries, alerts, dashboards, etc.
• Knowledgeable of current authentication-based exploits.
• Proven experience presenting findings via written reports and orally to key stakeholders in clear and concise language.
• Supportive and can work well as part of a team as well as independently.
• Can remain calm under pressure.
• Ability to work in a strong team-orientated environment with a sense of urgency and resilience.
• Critical thinking - must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks while remaining risk and objective focused.

Desired Skills:

Desired Skills/Qualifications/Certifications:

Cloud+; AZ-900 (Azure Fundamentals), AZ-500 (Azure Security Engineer Associate), SC-900 (Security, Compliance and Identity Fundamentals); AWS Certified Security Specialty 2024

• Actively investigate alerts related to potentially anomalous behavior/activity.
• Confidently and professionally interview/question users to determine or confirm root cause.
• Communicate effectively with response and business partners.
• Build and monitor Splunk alerting and dashboards.
• Identify areas for further process automation, simplification, and improvement.
• Provide status updates for executives and stakeholders in non-technical terms encompassing risk, impact, containment, remediation, etc.
• Risk management.
• Comprehensively document analysis, investigative activities, actions, etc.

• 3+ years of experience with cloud information security related activities.
• 3+ years of experience in an operations focused cloud information security role.
• Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents.
• Ability to analyze data and evaluate relevance to a specific incident under investigation.
• Ability to handle multiple competing priorities in a fast-paced environment; ability to be decisive and take action without causing an undue delay.
• Ability to exercise independent judgment when responding to alerts.
• Ability to communicate effectively across all levels of the organization, to both technical and non-technical audiences.
• Familiarity with security vulnerabilities exploits and hacker techniques.
• Familiarity identity management standards, social engineering TTPs, and the incident response lifecycle.
• Familiarity with Splunk, and the ability to build queries, alerts, dashboards, etc.
• Knowledgeable of current authentication-based exploits.
• Proven experience presenting findings via written reports and orally to key stakeholders in clear and concise language.
• Supportive and can work well as part of a team as well as independently.
• Can remain calm under pressure.
• Ability to work in a strong team-orientated environment with a sense of urgency and resilience.
• Critical thinking - must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks while remaining risk and objective focused.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Job Description:

The Identity Defense team aims to mitigate incidents through monitoring of network account usage, authentication activities and authentication behaviors. The team is responsible to reduce the risk associated with misuse or illicit use of accounts which grant access to Bank of America's workforce network. An Identity Defense analyst is accountable for researching, designing, engineering, implementing, and supporting solutions to prevent and detect anomalous use of accounts.

Responsibilities:

The Identity Defense Specialist will support design efforts to build out new processes, controls, and supporting governance related to implementation of human and non-human account monitoring to protect the Bank. You will utilize in-depth technical knowledge and business requirements to help implement scalable solutions, inclusive of monitoring, alerting, and escalation frameworks focused on core account protections. Leveraging your knowledge of both common and emerging threats related to account take-over, you will have an opportunity to proactively develop, implement, and influence controls and policy within the digital identity domain. You will partner with leaders from line of business organizations to triage security events and report on impacting security incidents.

The Analyst will regularly collaborate with experts in and out of our team, both in country and in other regions, so excellent communication skills are very important. The role will also involve discussion with employees as part of alert analysis and disposition. If you are seeking a demanding role within Global Information Security (GIS) and have the required skills, this will be a great opportunity for you. Typically, applicants should have 3+ years of cybersecurity or engineering experience. Responsibilities include, but are not limited to:

• Actively investigate alerts related to potentially anomalous behavior/activity.
• Confidently and professionally interview/question users to determine or confirm root cause.
• Communicate effectively with response and business partners.
• Build and monitor Splunk alerting and dashboards.
• Identify areas for further process automation, simplification, and improvement.
• Provide status updates for executives and stakeholders in non-technical terms encompassing risk, impact, containment, remediation, etc.
• Risk management.
• Comprehensively document analysis, investigative activities, actions, etc.

Required Skills:

• 3+ years of experience with cloud information security related activities.
• 3+ years of experience in an operations focused cloud information security role.
• Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents.
• Ability to analyze data and evaluate relevance to a specific incident under investigation.
• Ability to handle multiple competing priorities in a fast-paced environment; ability to be decisive and take action without causing an undue delay.
• Ability to exercise independent judgment when responding to alerts.
• Ability to communicate effectively across all levels of the organization, to both technical and non-technical audiences.
• Familiarity with security vulnerabilities exploits and hacker techniques.
• Familiarity identity management standards, social engineering TTPs, and the incident response lifecycle.
• Familiarity with Splunk, and the ability to build queries, alerts, dashboards, etc.
• Knowledgeable of current authentication-based exploits.
• Proven experience presenting findings via written reports and orally to key stakeholders in clear and concise language.
• Supportive and can work well as part of a team as well as independently.
• Can remain calm under pressure.
• Ability to work in a strong team-orientated environment with a sense of urgency and resilience.
• Critical thinking - must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks while remaining risk and objective focused.

Desired Skills:

Desired Skills/Qualifications/Certifications:

Cloud+; AZ-900 (Azure Fundamentals), AZ-500 (Azure Security Engineer Associate), SC-900 (Security, Compliance and Identity Fundamentals); AWS Certified Security Specialty 2024

Responsibilities:

• Design, plan, installation, maintenance, configuration of Splunk distributed/cluster deployment, and integration with infrastructure tools, security devices and application software.
• Drive collaboration with peers to manage efforts with our Splunk solutions.
• Manage and maintain all Splunk components (search heads, indexers, forwarders)
• Manage data ingestion from different sources (data inputs, indexes, source types)
• Create Splunk contents (dashboard, reports, alerts, etc) for new use cases
• Manage Splunk access and permissions (users, roles, authentications)
• Fine tuning of existing searches for better performance
• Upgrade and installation of Splunk application (custom apps, Splunk-base apps)
• View Splunk logs for troubleshooting – must be well versed with Splunk SPL, Linux commands and python scripting.
• Troubleshoot technical issues to establish the root cause of problems and form a solution or workaround across a range of environments.
• Reproduce issues and if necessary, file bug reports, escalate cases to vendor, and provide necessary documentation
  Requirements:

Education:

• Bachelor’s degree in computer science or related field.
• Certifications (preferred but not explicitly listed):

o Splunk Certified Power User / Admin / Architect
Essential:
• You must be well versed with Splunk SPL, Linux commands and python scripting
o Design, deployment, and maintenance of distributed/clustered Splunk environments
o Management of search heads, indexers, forwarders
o Data ingestion: configuring inputs, indexes, source types
o Content creation: dashboards, reports, alerts
o Access control: user roles, authentication
o Application management: installing/upgrading custom and Splunk base apps
o Scripting & Troubleshooting
o Linux command-line skills
o Python scripting for automation and troubleshooting
o Log analysis and issue reproduction
o Bug reporting and vendor escalation

• You must be the experienced developer, with good experience in system integration/interfacing.
• Depending on the project, your duties may include coding, scripting, building new systems (where necessary) and interfaces. For new system build-up, you may need to environment support during SIT/UAT.
• You are expected to ensure your work are adequately documented and transferred to the production team post-cutover.
• You will be expected to work with the senior developers and system architect in formulating technical solutions that is fit for purpose for your assigned projects. The solution will need to satisfy all security, regulatory and architectural standards.
  Key Domain/ Technical Skills:
• Splunk as a core SPL (Search Processing Language) and reporting
• Integration with infrastructure and security devices
• Python Scripting for automation and troubleshooting.

About us:
D L Resources Pte Ltd is a leading provider of IT Professional Services & Banking outsourced staffing solutions, serving a diverse portfolio of clients across various industries including Financial Services Institutions, Banks & MNCs.
Interested candidates may reach out directly to our recruiters (Edwin
| EA License No: 24C2333 | EA Personnel No: R24123520)
#J-18808-Ljbffr

Company: Bank

Employment Type: 12-Month Contract

Salary: Up to S$8,000/month

As an Information Security & BCM Specialist, you will support and oversee key information security and business continuity activities for the APAC region, ensuring alignment with both local regulatory requirements and Group-level policies.

Security Governance & Compliance

• Maintain and review Security Policies, Addendums, Standards, and Procedures for international locations, ensuring alignment with regulatory requirements
• Ensure compliance with regional regulatory bodies (e.g., MAS, HKMA, LFRA, NFRA) in matters related to information security, BCM, and IT governance
• Coordinate and support regulatory security audits across APAC branch locations

Technology & Risk Assessments

• Review BRDs, network/security designs, and other technical documentation to ensure alignment with security policies
• Perform Technology Risk Assessments, Third-Party Risk Assessments, and track RCSA remediation activities
• Monitor and follow up on risk items in collaboration with Group IT, local branch IT, and other stakeholders

Security Awareness & Risk Monitoring

• Conduct regular Security Awareness programs for regional branch staff
• Monitor and review management dashboards and MIS related to patching, vulnerability assessments (VA), penetration testing (PT), and endpoint security controls

Business Continuity Management (BCM)

• Assist in the development, implementation, and maintenance of Business Continuity Plans (BCPs) across APAC operations
• Coordinate Business Impact Analyses (BIAs), risk assessments, and periodic testing of BCPs
• Support disaster recovery and incident response coordination
• Maintain BCM documentation and track remediation from incidents, tests, or audits
• Monitor regulatory developments related to BCM across APAC

• Min Bachelor's Degree in Information Security, Computer Science, IT, or related field
• Minimum 5 years of experience in Information Security and/or BCM, preferably with exposure across the APAC region
• Strong understanding of regional regulatory frameworks (e.g., MAS, HKMA)
• Hands-on experience with risk assessments, security governance, and incident response
• Strong communication and stakeholder management skills, including cross-functional collaboration with IT, Facilities, and Business teams

Interested candidates, do submit your resume to:

Jocelyn Chan| Consultant | Recruit Express Pte Ltd (Healthcare & Lifescience)

Company EA Licence number : 99C4599

Personnel EA License: R1331820

About The National Institute Of Education (nie)

The National Institute of Education (NIE), Singapore , is Singapore’s national teacher education institute and we are proud to be an integral part of the nation’s education service. We play a key role in the preparation of teachers and in the provision of teacher professional and school leadership development programmes. We are committed to our vision of being An Institute of Distinction: Leading the Future of Education and our mission to Inspire Learning, Transform Teaching and Advance Research . Read more about NIE here.

As part of NIE’s commitment to strengthening cybersecurity resilience, we are seeking a Senior IT Security Analyst to lead our Incident Response (IR) capabilities. This role is central to the Institute’s strategic direction, ensuring timely, effective, and coordinated responses to cyber threats, while continuously enhancing our response playbooks and readiness through automation and structured learning. This is a 3-year contract position.

Key Responsibilities

Incident Response Leadership

• Oversee the entire incident response lifecycle from detection to resolution.
• Lead investigations of IT security incidents and ensure thorough root cause analysis and remediation.
• Develop and maintain incident response playbooks and procedures.
• Coordinate with internal, external stakeholders, and vendors during incidents.
• Conduct post-incident reviews and report findings to management.
  
  

• Develop and implement advanced threat detection and monitoring strategies.
• Utilize SIEM, EDR, and other security tools for timely incident detection.
• Perform threat hunting and proactive security assessments.
• Collaborate with IT teams to deploy and optimize security solutions.
  
  

• Analyze and compile statistics on threats relevant to the Institute.
• Prepare and present detailed reports on threat statistics to stakeholders.
• Use data visualization tools to communicate threat trends and insights.
  
  

• A University Degree in Information Systems, Computer Science, Cybersecurity, or a related field.
• Professional Certification(s) in incident handling and security analysis preferred.
• GCIH or its equivalent is preferred.
  
  

• Minimum of 8 years of progressive experience in IT security, with a focus on Incident response.
• Minimum of 4 years of experience in a security operations center, with proven leadership capabilities.
• Intermediate knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
• Proven experience in managing incident response and performing threat hunting.
  
  

• Proficiency in Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), traffic and packet analysis, and cloud security.
• Experience in firewall, Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF) administration, virtualization, and cloud technologies.
• Experience in monitoring and administering host-based intrusion detection systems.
• Knowledge and experience in Linux/Windows/Database technologies preferred.
• Strong knowledge of industry standards and information security policy frameworks.
• Hands-on experience with scripting and automation tools to enhance security operations.
• Ability to conduct gap analysis of current processes and identify opportunities for improvement.
• Evaluate internal and external environments for threats related to Information Security and act as a subject matter expert to ensure these are properly addressed and controlled.
• Continuously improve event correlation and alerting processes and use cases to detect potential incidents.
• Automate manual processes to enhance security incident response.
• Experience with network security assessment tools.
  
  

• Excellent leadership and team management skills, with the ability to inspire and motivate a team.
• Strong communication skills, with the ability to effectively interact with stakeholders at all levels, including University administration.
• Demonstrated ability to drive strategic initiatives and lead a team through change.
• Exceptional problem-solving skills and the ability to think critically under pressure.
• Ability to interview stakeholders to define and document business requirements.
• Provide advice and guidance on response action plans for information risk events and incidents based on incident type and severity.
  
  

• We regret that only shortlisted candidates will be notified.
• NIE staff can take chartered buses at their own expense from or near their home to the NIE campus. This is subject to the availability of bus routes and seats.
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Higher Education

Referrals increase your chances of interviewing at Nanyang Technological University Singapore by 2x

Get notified about new Senior Information Technology Security Analyst jobs in Singapore, Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.