518 Security Testing jobs in Singapore

Seeking a highly skilled and motivated Senior Cyber Security Testing Specialist who is skilled in application and infrastructure penetration testing, vulnerability assessment and secure code review to conduct, guide and review the work of external and cross function team security testers. In this role, you will be responsible for assessing and enhancing the security posture of the organisation’s critical applications and infrastructure through comprehensive testing, vulnerability assessment, and penetration testing techniques. Your expertise will play a crucial role in identifying security vulnerabilities and recommending risk mitigation strategies to different senior stakeholders.

Make An Impact By

• Coordinate and Oversee Penetration Testing & Vulnerability Assessment Engagements:
  • Manage and coordinate penetration testing and vulnerability assessment engagements with external vendors, ensuring effective communication and collaboration between internal stakeholders and vendors.
  • Work closely with Domain security champions to review and tailor the scope, rules of engagement, testing methodologies, and reporting for external penetration tests and vulnerability assessments.
  • Collaborate with cross-functional teams to provide guidance on Singtel's security standards, recommend best practices, and advise on effective remediation strategies.
  • Review penetration testing reports, prioritize identified vulnerabilities, and coordinate efforts to address them in a timely manner.
  • Track and report on the progress and outcomes of penetration testing and vulnerability assessments, ensuring that all findings are addressed appropriately.
• Maintenance of tools and Conduct Various Penetration Tests:
  • Perform different types of penetration testing (e.g., AI models, application, API, Infrastructure, etc.) following recognized methodologies, including OWASP and Singtel’s internal standards, utilizing both manual and automated testing methods, as needed.
  • Maintain and configure the tests required of automated testing tools to support black box and white box testing, and ensure alignment with latest industry test requirements e.g. OWASP, covering all forms of technologies e.g. Cloud Apps, On-prem Apps, COTS products, In-house developed Apps, AI models, APIs, OS, DB, VM, Network devices, etc.
  • Identify gaps in automated testing tools and propose new tooling required to augment testing program as needed.
• Bug Bounty Program Management:
  • Oversee and manage the bug bounty program and associated platforms for identifying and addressing reported vulnerabilities.
  • Validate/ triage the reported vulnerabilities, assess their impact on Singtel’s systems, and collaborate with relevant stakeholders to prioritize and remediate the issues.
  • Track and report on findings and outcomes from the bug bounty program to ensure timely resolution.
  • Develop engaging programs to boost the visibility and popularity of Singtel's bug bounty program.
• Manage and conduct secure code reviews using scanning tools and techniques to identify security weaknesses in software code.
• Analyze the results from code scans and work closely with development teams to implement necessary security fixes.
• Assist in the creation and implementation of secure coding practices across the organization.
• Vulnerability Retesting and Documentation:
  • Retest security vulnerabilities arising from various sources e.g. Bug Bounty, Penetration testing, etc. after remediation and update reports with the latest results and outcomes.
  • Develop and maintain comprehensive documentation for all vulnerability assessments, secured code reviews and penetration tests, including detailed findings, methodologies, and recommendations for improvements etc.
• Stay Current with Security Trends and Threats:
  • Continuously monitor the latest security trends, emerging vulnerabilities, and attack techniques to ensure that security testing methodologies and tools remain up-to-date and effective.

Skills for Success:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Attained OSCP or CREST.
• At least 5 years of experience working in Cyber and Information security field.
• Solid experience in application security testing, vulnerability assessment, secure code review and penetration testing.
• Proficiency in performing AI models, API and application security testing using manual techniques, as well as utilizing runtime vulnerability testing tools and/or code review tools.
• Strong understanding of OWASP Top 10, CWE/SANS Top 25, and other common vulnerability frameworks.
• Out of which, at least 3 years experience in delivering various AI model, API, application, infrastructure penetration testing, vulnerability assessment and secure code review.
• Proficiency in performing AI model, API and application security assessment using manual techniques.
• Proficient in using and managing various security tools and products like Fortify, AppScan, Webinspect, Burp Suite, Nessus, Guardrails AI, Giskard, Moonshot, Deepcheck, Evidently, Pyrit, Adversarial Robustness Toolbox (ART), PyRIT, etc.

Rewards that Go Beyond

• Full suite of health and wellness benefits.
• Ongoing training and development programs.
• Internal mobility opportunities.

Are you ready to say hello to BIG Possibilities?

Take the leap with Singtel to unlock new opportunities and accelerate your growth. Apply now and start your empowering career!

Seeking a highly skilled and motivated Senior Cyber Security Testing Specialist who is skilled in application and infrastructure penetration testing, vulnerability assessment and secure code review to conduct, guide and review the work of external and cross function team security testers. In this role, you will be responsible for assessing and enhancing the security posture of the organisation’s critical applications and infrastructure through comprehensive testing, vulnerability assessment, and penetration testing techniques. Your expertise will play a crucial role in identifying security vulnerabilities and recommending risk mitigation strategies to different senior stakeholders.

Make An Impact By

• Coordinate and Oversee Penetration Testing & Vulnerability Assessment Engagements:
  • Manage and coordinate penetration testing and vulnerability assessment engagements with external vendors, ensuring effective communication and collaboration between internal stakeholders and vendors.
  • Work closely with Domain security champions to review and tailor the scope, rules of engagement, testing methodologies, and reporting for external penetration tests and vulnerability assessments.
  • Collaborate with cross-functional teams to provide guidance on Singtel's security standards, recommend best practices, and advise on effective remediation strategies.
  • Review penetration testing reports, prioritize identified vulnerabilities, and coordinate efforts to address them in a timely manner.
  • Track and report on the progress and outcomes of penetration testing and vulnerability assessments, ensuring that all findings are addressed appropriately.
• Maintenance of tools and Conduct Various Penetration Tests:
  • Perform different types of penetration testing (e.g., AI models, application, API, Infrastructure, etc.) following recognized methodologies, including OWASP and Singtel’s internal standards, utilizing both manual and automated testing methods, as needed.
  • Maintain and configure the tests required of automated testing tools to support black box and white box testing, and ensure alignment with latest industry test requirements e.g. OWASP, covering all forms of technologies e.g. Cloud Apps, On-prem Apps, COTS products, In-house developed Apps, AI models, APIs, OS, DB, VM, Network devices, etc.
  • Identify gaps in automated testing tools and propose new tooling required to augment testing program as needed.
• Bug Bounty Program Management:
  • Oversee and manage the bug bounty program and associated platforms for identifying and addressing reported vulnerabilities.
  • Validate/ triage the reported vulnerabilities, assess their impact on Singtel’s systems, and collaborate with relevant stakeholders to prioritize and remediate the issues.
  • Track and report on findings and outcomes from the bug bounty program to ensure timely resolution.
  • Develop engaging programs to boost the visibility and popularity of Singtel's bug bounty program.
• Manage and conduct secure code reviews using scanning tools and techniques to identify security weaknesses in software code.
• Analyze the results from code scans and work closely with development teams to implement necessary security fixes.
• Assist in the creation and implementation of secure coding practices across the organization.
• Vulnerability Retesting and Documentation:
  • Retest security vulnerabilities arising from various sources e.g. Bug Bounty, Penetration testing, etc. after remediation and update reports with the latest results and outcomes.
  • Develop and maintain comprehensive documentation for all vulnerability assessments, secured code reviews and penetration tests, including detailed findings, methodologies, and recommendations for improvements etc.
• Stay Current with Security Trends and Threats:
  • Continuously monitor the latest security trends, emerging vulnerabilities, and attack techniques to ensure that security testing methodologies and tools remain up-to-date and effective.

Skills for Success:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Attained OSCP or CREST.
• At least 5 years of experience working in Cyber and Information security field.
• Solid experience in application security testing, vulnerability assessment, secure code review and penetration testing.
• Proficiency in performing AI models, API and application security testing using manual techniques, as well as utilizing runtime vulnerability testing tools and/or code review tools.
• Strong understanding of OWASP Top 10, CWE/SANS Top 25, and other common vulnerability frameworks.
• Out of which, at least 3 years experience in delivering various AI model, API, application, infrastructure penetration testing, vulnerability assessment and secure code review.
• Proficiency in performing AI model, API and application security assessment using manual techniques.
• Proficient in using and managing various security tools and products like Fortify, AppScan, Webinspect, Burp Suite, Nessus, Guardrails AI, Giskard, Moonshot, Deepcheck, Evidently, Pyrit, Adversarial Robustness Toolbox (ART), PyRIT, etc.

Rewards that Go Beyond

• Full suite of health and wellness benefits.
• Ongoing training and development programs.
• Internal mobility opportunities.

Are you ready to say hello to BIG Possibilities?

Take the leap with Singtel to unlock new opportunities and accelerate your growth. Apply now and start your empowering career!

Direct message the job poster from Ensign InfoSecurity

About the Role:

We are seeking a Senior / Cybersecurity Engineer with experience in IoT security testing to support our Cybersecurity Labelling Scheme (CLS) assessments. The candidate will work on penetration testing, and compliance assessments to ensure IoT products meet stringent cybersecurity requirements.

Key Responsibilities:

• Conduct security evaluations for IoT devices in accordance with CSA Cybersecurity Labelling Scheme (CLS) requirements.
• Perform penetration testing, vulnerability assessments, etc. on IoT devices.
• Ensure compliance with ISO/IEC 17025, CLS (IoT) and other relevant cybersecurity frameworks.
• Prepare technical documentation, compliance reports, and security advisories for IoT manufacturers and clients.
• Research emerging IoT security threats and propose innovative mitigation strategies.
• Collaborate with government agencies, regulatory bodies, and certification authorities to establish cybersecurity testing methodologies.
• Bachelor's degree in Cybersecurity, Computer Engineering, or a related field.
• Minimum 2+ years of experience in cybersecurity testing, penetration testing, or vulnerability analysis for embedded / IoT devices.
• Understanding of CLS requirements.
• Hands-on experience on one or more of the following but not limited to:
• Debug interfaces such as JTag, UART, etc.
• Security testing tools (e.g., Kali Linux, Metasploit, Burp Suite, OWASP ZAP, Ghidra, etc.)
• Software Binary Analysis
• Mobile Apps Security (Android, iOS)
• Simple Power Analysis and Fault Injection Attack
• Strong analytical skills and ability to assess IoT device vulnerabilities and attack surfaces.
• Certification such as CISSP, CEH, OSCP, GSEC, or equivalent cybersecurity credential is a bonus.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Computer and Network Security

Referrals increase your chances of interviewing at Ensign InfoSecurity by 2x

Get notified about new Cyber Security Engineer jobs in Kallang, Central Singapore Community Development Council, Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Cybersecurity Engineer (IoT Device Security Testing)
Cybersecurity Engineer (IoT Device Security Testing)
Direct message the job poster from Ensign InfoSecurity
Join Us - Ensign InfoSecurity! | Conquer the Unknown | IHRP-CP
About the Role:
We are seeking a Senior / Cybersecurity Engineer with experience in IoT security testing to support our Cybersecurity Labelling Scheme (CLS) assessments. The candidate will work on penetration testing, and compliance assessments to ensure IoT products meet stringent cybersecurity requirements.
Key Responsibilities:
Conduct security evaluations for IoT devices in accordance with CSA Cybersecurity Labelling Scheme (CLS) requirements.
Perform penetration testing, vulnerability assessments, etc. on IoT devices.
Ensure compliance with ISO/IEC 17025, CLS (IoT) and other relevant cybersecurity frameworks.
Prepare technical documentation, compliance reports, and security advisories for IoT manufacturers and clients.
Research emerging IoT security threats and propose innovative mitigation strategies.
Collaborate with government agencies, regulatory bodies, and certification authorities to establish cybersecurity testing methodologies.
Bachelor's degree in Cybersecurity, Computer Engineering, or a related field.
Minimum 2+ years of experience in cybersecurity testing, penetration testing, or vulnerability analysis for embedded / IoT devices.
Understanding of CLS requirements.
Hands-on experience on one or more of the following but not limited to:
Debug interfaces such as JTag, UART, etc.
Security testing tools (e.g., Kali Linux, Metasploit, Burp Suite, OWASP ZAP, Ghidra, etc.)
Software Binary Analysis
Mobile Apps Security (Android, iOS)
Simple Power Analysis and Fault Injection Attack
Strong analytical skills and ability to assess IoT device vulnerabilities and attack surfaces.
Certification such as CISSP, CEH, OSCP, GSEC, or equivalent cybersecurity credential is a bonus.
Seniority level
Seniority level Mid-Senior level
Employment type
Employment type Full-time
Job function
Job function Information Technology
Industries Computer and Network Security
Referrals increase your chances of interviewing at Ensign InfoSecurity by 2x
Get notified about new Cyber Security Engineer jobs in
Kallang, Central Singapore Community Development Council, Singapore .
Information Technology - Cyber Security Analyst (Scoot)
Graduate Hiring - Cybersecurity Engineer
Information Technology - Cyber Security Engineer (Threat Management and Incident Response) (Scoot)
Information Technology - Cyber Security Lead Engineer
Security Engineer (SOC Analyst) - Digital Bank
Senior Cybersecurity Engineer (Endpoint Protection, Detection and Response)
Information Technology - Cyber Security Specialist (Risk and Governance)
Offensive Security Engineer (Red Team) - Information Security
Cybersecurity Engineer (Operational Technology)
Data Center Security Specialist, Data Center Security
Cybersecurity Engineer - Asian Timezones
Principal/ Senior Cybersecurity Engineer
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr

Direct message the job poster from Ensign InfoSecurity

About the Role:

We are seeking a Senior / Cybersecurity Engineer with experience in IoT security testing to support our Cybersecurity Labelling Scheme (CLS) assessments. The candidate will work on penetration testing and compliance assessments to ensure IoT products meet cybersecurity requirements.

Key Responsibilities:

• Conduct security evaluations for IoT devices in accordance with CSA Cybersecurity Labelling Scheme (CLS) requirements.
• Perform penetration testing, vulnerability assessments, etc., on IoT devices.
• Ensure compliance with ISO/IEC 17025, CLS (IoT), and other relevant cybersecurity frameworks.
• Prepare technical documentation, compliance reports, and security advisories for IoT manufacturers and clients.
• Research emerging IoT security threats and propose mitigation strategies.
• Collaborate with government agencies, regulatory bodies, and certification authorities to establish testing methodologies.
• Bachelor's degree in Cybersecurity, Computer Engineering, or a related field.
• Minimum 2+ years of experience in cybersecurity testing, penetration testing, or vulnerability analysis for embedded/IoT devices.
• Understanding of CLS requirements.
• Hands-on experience with security testing tools (e.g., Kali Linux, Metasploit, Burp Suite, OWASP ZAP, Ghidra).
• Experience in debugging interfaces such as JTag, UART, etc.
• Knowledge of software binary analysis, mobile app security (Android, iOS), and attack techniques like Power Analysis and Fault Injection.
• Strong analytical skills to assess vulnerabilities and attack surfaces.
• Certifications such as CISSP, CEH, OSCP, GSEC, or equivalent are a bonus.

Mid-Senior level

Full-time

Information Technology

Computer and Network Security

Referrals increase your chances of interviewing at Ensign InfoSecurity by 2x.

Get notified about new Cyber Security Engineer jobs in Kallang, Central Singapore Community Development Council, Singapore .

Senior Cybersecurity Engineer (IoT Device Security Testing)
Direct message the job poster from Ensign InfoSecurity
Join Us - Ensign InfoSecurity! | Conquer the Unknown | IHRP-CP
About the Role:
We are seeking a Senior / Cybersecurity Engineer with experience in IoT security testing to support our Cybersecurity Labelling Scheme (CLS) assessments. The candidate will work on penetration testing and compliance assessments to ensure IoT products meet cybersecurity requirements.
Key Responsibilities:
Conduct security evaluations for IoT devices in accordance with CSA Cybersecurity Labelling Scheme (CLS) requirements.
Perform penetration testing, vulnerability assessments, etc., on IoT devices.
Ensure compliance with ISO/IEC 17025, CLS (IoT), and other relevant cybersecurity frameworks.
Prepare technical documentation, compliance reports, and security advisories for IoT manufacturers and clients.
Research emerging IoT security threats and propose mitigation strategies.
Collaborate with government agencies, regulatory bodies, and certification authorities to establish testing methodologies.
Bachelor's degree in Cybersecurity, Computer Engineering, or a related field.
Minimum 2+ years of experience in cybersecurity testing, penetration testing, or vulnerability analysis for embedded/IoT devices.
Understanding of CLS requirements.
Hands-on experience with security testing tools (e.g., Kali Linux, Metasploit, Burp Suite, OWASP ZAP, Ghidra).
Experience in debugging interfaces such as JTag, UART, etc.
Knowledge of software binary analysis, mobile app security (Android, iOS), and attack techniques like Power Analysis and Fault Injection.
Strong analytical skills to assess vulnerabilities and attack surfaces.
Certifications such as CISSP, CEH, OSCP, GSEC, or equivalent are a bonus.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
Computer and Network Security
Referrals increase your chances of interviewing at Ensign InfoSecurity by 2x.
Get notified about new Cyber Security Engineer jobs in
Kallang, Central Singapore Community Development Council, Singapore .
#J-18808-Ljbffr

Responsibilities (Banking Sector Client):

• You will be responsible to migrate and onboard client bank's applications into Dynamic Application Security Testing (DAST) platform.
• Onboarding process and technicalities require candidates to be technical person.
• This role will include tasks to deliver and ensure DevOps systems reliability, availability and getting systems back to steady state as quickly as possible.
• You design and implement automation initiatives, perform script development and use DevOps tools to the advantage. In this portfolio of DevOps platform, you would also be responsible to maintain all DevOps Enterprise toolsets, OS patching, tools version upgrades, certificate-renewals. You would adopt enterprise monitoring culture, implementing SRE principles to identify and remediate issues before SLA, SLI, SLOs are violated.
• The successful candidate will be a technically savvy, dynamic leader, excellent communicator, have demonstrable technical hand-on supporting DevOps toolset coupled with excellent infrastructure knowledge and automation expertise.
• As part of a cross-functional product development group, you should be comfortable with working as part of highly talented teams ensuring that modern technology and process are utilised as part of the role.

Requirements:

• We’re looking for a hands-on engineer who will be:
• MUST have deep hands-on knowledge and experience in Dynamic Application Security Testing (DAST) methodology and related tools like App Scan
• MUST have deep hands-on knowledge and experience in DevOps tool chain support and operability
• Ensures all DevOps tools 100% uptime, ensuring high levels of application reliability and resiliency
• Supporting and maintaining full stack DevOps toolsets. (Jira, Confluence, Bitbucket, Jenkins, SonarQube, Artifactory, xRay)
• Troubleshoot, deep dive RCA and fix DevOps platform issues related to DevOps platforms
• Establish enterprise monitoring capabilities for DevOps toolsets
• Has deep technical knowledge on debug, troubleshooting Jenkins groovy scripts, pipelines thru Jenkins, Bitbucket, SonarQube, etc
• Able to code, script, automate full DevOps automation capabilities to enhance and elevate automation from manual human tasks.
• Always able to find ways to automate, develop scripts, innovate new ideas to reduce human work and repetitive tasks.
• Support OS and DevOps applications patching related activities.
• Remediate DevOps infrastructure issues such as Control-M jobs, backup jobs, BMC Alerts, schedulers, cron-batch, shell scripting commands, etc.
• MUST have automation through server-side Unix/Linux shell scripting technical knowledge
• Work with the vendors in areas of technical support, upgrade DevOps tools, etc
• Configuring server side items - SSO, SSL, Load Balancer, Auto Scaling and DNS setup

Key Domain/ Technical Skills (Must Have):

• · Knowledge of DevOps Tools
• · Technical hands-on knowledge in Dynamic Application Security Testing (DAST) HCL AppScan
• · Deep Technical hands-on knowledge in Atlassian stack (Jira, Confluence, Bitbucket)
• · Deep Technical hands-on knowledge in platforms such as Jenkins, SonarQube, Artifactory, xRay
• · Debug and Issue Troubleshooting
• · Debug, troubleshooting, diagnose, fix platforms related issues for all the above DevOps tools
• · Debug, troubleshooting, diagnose, fix groovy scripts issues (runtime Build, Deploy, Scan, etc)
• · Pipeline development and Automation
• · Hand-on experience in coding, developing and maintaining CI/CD build, deploy pipelines
• · Deep Technical experience in automation with groovy scripts.
• · Deep technical experience in server-side Unix/Linux shell scripting.
• · Able to develop and enhance new automation scripts thru Jenkins pipelines (Groovy scripts, APIs)
• · Platform Tool Support
• · Prior working experience installing, configuring, integrating, upgrading and patching CI/CD toolset.
• · MUST be able to work in stretch example: off-office hours support (weekends, holidays)
• · Support and maintain all DevOps platform tools uptime to meet SLA
• · Support DevOps pipelines issues (Build, Scan, Deploy, Run, Test) phases of DevOps
• · Support to DevOps champions and development team
• · Should:
• · Build relationships with DevOps domain champions, development communities and developers
• · Comfortable working in a challenging environment
• · Able to design a strategy and then execute against it
• · Manage delivery of complex projects by simplifying into smaller deliveries
• · Ability to benchmark industry standard tools and implement it UOB
• · Advantageous
• · Knowledge of SRE best practices
• · Implement SLI, SLO key indicators to this role
• · Extensive background in working with service support teams Infrastructure, Network, Storage, Security, Operations
• · Self-directed and comfortable working in ambiguous environments
• Experience working in a highly matrixed organization

Responsibilities:

You will be responsible for ensuring DevOps systems reliability, availability and getting systems back to steady state as quickly as possible. You cultivate automation initiatives, script development and transformation of DevOps tools and operability. You ensure automation thru self-service channels. You would also be maintaining all DevOps Enterprise toolsets, OS patching, tools version upgrades, certificate-renewals. You would be able to cultivate enterprise monitoring culture, living and breathing SRE principles to identify and remediate issues before SLA, SLI, SLOs are violated. The successful candidate will be a technically savvy, dynamic leader, excellent communicator, have demonstrable technical hand-on supporting DevOps toolset coupled with excellent infrastructure knowledge and automation expertise.

As part of a cross-functional product development group, you should be comfortable with working as part of highly talented teams ensuring that modern technology and process are utilised as part of the role.

We’re looking for a hands-on engineer who will be:

• UST have deep hands-on knowledge and experience in DevOps tool chain support and operability

• E sures all DevOps tools 100% uptime, ensuring high levels of application reliability and resiliency

• S pporting and maintaining full stack DevOps toolsets. (Jira, Confluence, Bitbucket, Jenkins, SonarQube, Artifactory, xRay)

• T oubleshoot, deep dive RCA and fix DevOps platform issues related to DevOps platforms

• E tablish enterprise monitoring capabilities for DevOps toolsets

• H s deep technical knowledge on debug, troubleshooting Jenkins groovy scripts, pipelines thru Jenkins, Bitbucket, SonarQube, etc

• A le to code, script, automate full DevOps automation capabilities to enhance and elevate automation from manual human tasks. Always able to find ways to automate, develop scripts, innovate new ideas to reduce human work and repetitive tasks.

• S pport OS and DevOps applications patching related activities.

• R mediate DevOps infrastructure issues such as Control-M jobs, backup jobs, BMC Alerts, schedulers, cron-batch, shell scripting commands, etc.

• M ST have automation thru server-side Unix/Linux shell scripting technical knowledge

• W rk with the vendors in areas of technical support, upgrade DevOps tools, etc

• C nfiguring server side items - SSO, SSL, Load Balancer, Auto Scaling and DNS setup

Requirements:

Knowledge of DevOps Tools

• T chnical hands-on knowledge in Dynamic Application Security Testing (DAST) HCL AppScan

• D ep Technical hands-on knowledge in Atlassian stack (Jira, Confluence, Bitbucket)

• D ep Technical hands-on knowledge in platforms such as Jenkins, SonarQube, Artifactory, xRay

Debug and Issue Troubleshooting

• D bug, troubleshooting, diagnose, fix platforms related issues for all the above DevOps tools

• D bug, troubleshooting, diagnose, fix groovy scripts issues (runtime Build, Deploy, Scan, etc)

Pipeline development and Automation

• H nd-on experience in coding, developing and maintaining CI/CD build, deploy pipelines

• D ep Technical experience in automation with groovy scripts.

• D ep technical experience in server-side Unix/Linux shell scripting.

• A le to develop and enhance new automation scripts thru Jenkins pipelines (Groovy scripts, APIs)

Platform Tool Support

• P ior working experience installing, configuring, integrating, upgrading and patching CI/CD toolset.

• M ST be able to work in stretch example: off-office hours support (weekends, holidays)

• S pport and maintain all DevOps platform tools uptime to meet SLA

• S pport DevOps pipelines issues (Build, Scan, Deploy, Run, Test) phases of DevOps

• S pport to DevOps champions and development team

Should:

• B ild relationships with DevOps domain champions, development communities and developers

• C mfortable working in a challenging environment

• A le to design a strategy and then execute against it

• M nage delivery of complex projects by simplifying into smaller deliveries

• A ility to benchmark industry standard tools and implement it to banking client

Advantageous

• K owledge of SRE best practices

• I plement SLI, SLO key indicators to this role

• E tensive background in working with service support teams Infrastructure, Network, Storage, Security, Operations

• S lf-directed and comfortable working in ambiguous environments

• E perience working in a highly matrixed organization

Overview

Join to apply for the Security Engineer role at DXC Technology .

3 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

• Monitor and manage security infrastructure and tools in scope (e.g., AV, DLP, EDR, DAM, PKI, PAM, HSM, Vulnerability Scanner, SIEM)
• Receive and respond to security incidents and events via established workflows and automation tools
• Support configuration and troubleshooting of infrastructure security solutions, including:
• DLP, AV, HIPS (Trellix)
• EDR (Carbon Black)
• DAM (Imperva)
• SLIFT encryption
• Log and SIEM (Splunk)
• Microsoft CA PKI
• RSA 2FA and CyberArk (PAM)
• Act as the escalation point for infrastructure-related incidents during office hours and provide standby/on-call support
• Assist in analysis, containment, and remediation of security incidents
• Prepare and maintain incident records, reports, and lessons learned documentation

• Security Operations & Implementation
• Monitor and manage security infrastructure and tools in scope (e.g., AV, DLP, EDR, DAM, PKI, PAM, HSM, Vulnerability Scanner, SIEM)
• Receive and respond to security incidents and events via established workflows and automation tools
• Support configuration and troubleshooting of infrastructure security solutions, including:
• DLP, AV, HIPS (Trellix)
• EDR (Carbon Black)
• DAM (Imperva)
• SLIFT encryption
• Log and SIEM (Splunk)
• Microsoft CA PKI
• RSA 2FA and CyberArk (PAM)
• Luna HSM (Thales)
• Tenable Nessus SC

• Act as the escalation point for infrastructure-related incidents during office hours and provide standby/on-call support
• Assist in analysis, containment, and remediation of security incidents
• Prepare and maintain incident records, reports, and lessons learned documentation

• Conduct regular vulnerability scans and assist with patching/remediation coordination
• Maintain awareness of known threats and assist in threat hunting activities
• Help maintain the security risk register and support identification of recurring issues or weak points

• Generate and maintain standard operating procedures (SOPs), knowledge articles, and technical documentation
• Support the development of regular service and incident reports
• Assist in compliance reporting and audits

• Engage with internal and client teams to understand business requirements and provide technical support
• Maintain awareness of industry trends and security best practices
• Participate in training to improve knowledge of tools and response processes

• Degree or diploma in Information Technology, Cybersecurity, or related field
• 1+ year experience in IT or security operations (internship, NOC, SOC, or IT support roles are acceptable)
• Familiarity with security concepts, tools, or certifications (even entry-level) is a strong plus
• Familiarity with network and host security technologies (EDR, AV, HIPS, DLP, Firewalls)
• Basic understanding of SIEM platforms (e.g., Splunk), PKI, and log correlation
• Experience in working with or supporting some of the following:
• Trellix Endpoint Security (AV, DLP, HIPS)
• Carbon Black EDR
• Imperva DAM
• Microsoft PKI and Certificates
• CyberArk and RSA 2FA
• Tenable Nessus Security Center
• Luna HSM (Thales)

• Understanding of information security principles, CIA triad, and risk assessment basics
• Exposure to Windows and Linux environments
• Ability to create basic documentation and reports
• Willingness to take initiative and learn from senior engineers

• CompTIA Security+
• Microsoft SC-900 / AZ-900
• EC-Council CEH (or equivalent)
• Any vendor training (e.g., Trellix, Carbon Black, Splunk Fundamentals)

• Based in client or office site (hybrid possible depending on project)
• Standard office hours, Mon–Fri
• Participation in standby/on-call roster for incident response and escalations

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.

• Entry level

• Full-time

• Information Technology

• IT Services and IT Consulting

Referrals increase your chances of interviewing at DXC Technology by 2x

Get notified about new Security Engineer jobs in Singapore, Singapore .