Software Engineer in Cybersecurity

Assurity Trusted Solutions (ATS), a proud subsidiary of the Government Technology Agency (GovTech), has established itself as a leading provider of comprehensive cybersecurity solutions over the last decade. We deliver a wide array of services that include infrastructure management, operational support, authentication services, governance, and assurance. In an ever-evolving digital landscape, where trust and collaboration are paramount, ATS collaborates closely with GovTech, various government agencies, and private sector partners to effectively mitigate cyber risks and enhance security frameworks. As an Offensive Cybersecurity Engineer, you will be pivotal in executing collaborative security testing engagements, and you may also undertake independent projects that focus on security assessments. Job Summary:Conduct thorough Vulnerability Assessment and Penetration Testing (VAPT) across various systems, networks, and applications, catering to both small-to-medium enterprises (SME) and large-scale enterprise environments.Perform detailed source code and host configuration reviews to ensure compliance with industry best practices and security standards.Generate detailed technical documentation that outlines identified vulnerabilities, impact assessments, risk evaluations, and actionable remediation strategies.Stay updated on the latest threat landscapes, emerging vulnerabilities, and industry trends to continually enhance the organization’s VAPT capabilities.Provide expert cybersecurity consultancy, offering strategic recommendations to improve customers’ overall security posture.Assist in the development of technical methodologies and standards to uphold excellence within the VAPT delivery teams.

At Assurity Trusted Solutions (ATS), a subsidiary of the Government Technology Agency (GovTech), we pride ourselves on being a trusted partner in navigating the complexities of the digital and cyber landscape. For over a decade, we have provided a diverse range of products and services, including infrastructure and operational services, authentication solutions, governance, assurance services, and managed processes. Our collaborative efforts with GovTech, government agencies, and commercial partners focus on mitigating cyber risks and enhancing security postures for our clients.As a Senior/Lead Offensive Cybersecurity Engineer, you will lead a dynamic team in innovative security testing initiatives or exercise your expertise as an independent security consultant. Your role will be pivotal in ensuring our clients receive the highest level of security assurance.Job Summary:Oversee comprehensive Vulnerability Assessment and Penetration Testing (VAPT) initiatives across various systems, networks, and applications, serving a diverse clientele, from small businesses to large enterprises.Guide source code and host configuration reviews to ensure clients' systems meet industry best practices and security standards.Develop detailed technical documentation outlining identified vulnerabilities, their impacts, risk assessments, and actionable remediation strategies.Manage relationships with key customer stakeholders.Assist in defining engagement scopes and services tailored to clients’ needs and goals.Keep abreast of the latest threat landscapes, emerging vulnerabilities, and industry advancements to enhance the organization’s VAPT capabilities.Provide expert cybersecurity consultancy services, offering recommendations to improve clients’ security postures.Establish technical methodologies and standards to ensure excellence within VAPT delivery teams.Mentor junior offensive cybersecurity engineers during engagements to foster team development.Review technical outputs and reports to maintain consistent quality standards.

Are you passionate about enhancing security protocols and ensuring robust protection against vulnerabilities? Join our dynamic team as a Security Testing & Assurance Specialist. In this role, you will leverage your expertise in Vulnerability Assessment and Penetration Testing (VAPT) and Open Web Security Testing Guide (OWSTG) to identify potential threats and implement effective security measures.You will work closely with cross-functional teams to assess security risks, conduct thorough testing, and provide actionable recommendations to safeguard our systems. Your insights will be pivotal in shaping our security strategy and fortifying our defenses.

Join Assurity Trusted Solutions (ATS), a subsidiary of the Government Technology Agency (GovTech), as a Cybersecurity Threat Risk Trainer. With over a decade of experience, ATS provides a robust suite of cybersecurity solutions, including infrastructure services, authentication, governance, and assurance services. In an increasingly complex digital landscape, we prioritize trust and collaboration to enhance security and mitigate cyber risks through partnerships with GovTech and various agencies.In this role, your expertise in threat risk modeling and vulnerability assessment penetration testing (VAPT) will be invaluable as you develop and deliver training workshops tailored for ICT officers. This position is contract-based until March 31, 2027.

Join ncs3 as a Lead Consultant in our Security Assessment Services team, specializing in Vulnerability Assessment and Penetration Testing (VAPT), OSCP, GCPN, and OSWE certifications. You will be responsible for delivering high-quality security assessments and providing expert guidance to clients on enhancing their security posture.

BitMEX seeks a Senior Offensive Security Engineer to join the Product Security team in Singapore. This position centers on maintaining critical security systems that protect the platform’s architecture. Collaboration with engineering and DevOps teams is a core part of the role, providing guidance on security best practices. Role overview This role focuses on safeguarding the platform by ensuring key security controls remain effective and up to date. The Senior Offensive Security Engineer will work closely with technical teams to identify risks and help implement practical solutions. What you will do Maintain and improve security systems that defend the platform’s infrastructure Support engineering and DevOps teams by advising on secure design and implementation Promote security best practices across the organization Location This position is based in Singapore.

Join Adventus as an Associate Cybersecurity Engineer and play a vital role in protecting our information systems and networks. You will collaborate with a team of cybersecurity professionals to implement security measures, conduct vulnerability assessments, and respond to incidents, ensuring the integrity of our data and infrastructure.

Assurity Trusted Solutions (ATS), a subsidiary of the Government Technology Agency (GovTech), has been a reliable partner for over a decade, providing a comprehensive array of products and services. Our offerings include infrastructure and operational services, governance and assurance services, and managed processes. In the ever-evolving digital and cybersecurity landscape, where trust and collaboration are paramount, ATS is dedicated to achieving mutually beneficial outcomes by working closely with GovTech, various governmental agencies, and commercial partners to reduce cyber risks and enhance security measures.We invite skilled professionals to join our team as Cybersecurity Engineers, specifically those with a solid foundation in Security Operations (SecOps). Successful candidates will be employed under a direct contract until November 30, 2028.Key Responsibilities:Develop and uphold cybersecurity standards, procedures, configurations, and rules for systems and services as part of our dedicated team.Conduct security exercises, including table-top and simulation drills, to validate security procedures.Engage in security incident response, analyzing alerts, coordinating with system operators, identifying threats, and performing initial triaging before escalating to senior security responders.Coordinate Indicators-Of-Compromise (IOC) scanning and compile reports from various system operators to provide consolidated updates to stakeholders.Conduct vulnerability assessments using both automated and manual tools, and recommend actionable remediation strategies. Understand published vulnerabilities and their corresponding security patches in relation to deployed systems, and perform risk assessments.Monitor and communicate security patch releases for various products, and participate in security patch assessments using standards like the Common Vulnerability Scoring System (CVSS), contextualized within the deployed environment.Present findings and reports to stakeholders regarding vulnerability scans, security testing outcomes, security incidents, and the overall security posture of systems.

Join Assurity Trusted Solutions (ATS), a subsidiary of the Government Technology Agency (GovTech), as we lead in the ever-evolving landscape of cybersecurity. With a decade of experience, we offer an extensive range of products and services, including infrastructure and operational services, authentication, governance, and assurance services, all aimed at fostering trust and collaboration in the digital world.We are seeking a Senior Cybersecurity Engineer specializing in Architecture and Solutioning. The ideal candidate will be well-versed in Network Security or Device/Endpoint Management and will be engaged in a contract capacity.Key Responsibilities: Act as the subject matter expert (SME) in Cybersecurity. Conduct thorough Threat Risk Assessments across applications, cloud infrastructure, and enterprise systems. Utilize structured methodologies (e.g., STRIDE) for Threat Modelling, integrating MITRE ATT&CK effectively. Lead and collaborate with multi-disciplinary teams to implement cyber security controls across various environments, including cloud and on-premises. Provide insights for configuring and improving security detection and response tools (e.g., SIEM, VA, NDR, XDR, EDR) for enhanced operational efficiency. Evaluate new technologies and validate their security through lab setups and proofs of concept (PoC). Draft and specify technical security clauses for project tenders. Analyze, document, and present security findings and recommendations to stakeholders. Work with governmental bodies to define security requirements and collaborate with industry partners to implement functional capabilities. Ensure compliance with secure software development lifecycle practices, maintaining high coding standards and delivering quality products. Qualifications: Minimum of 5 years of experience in the cybersecurity domain. Proven experience in managing, deploying, and maintaining security infrastructure. Ability to manage contractors and collaborate effectively with cross-functional teams. Experience in conducting comprehensive security assessments, including threat modelling, vulnerability assessments, and penetration testing. Up-to-date knowledge of cybersecurity tools, technologies, and standards (e.g., OWASP and MITRE ATT&CK). Strong communication and interpersonal skills. Self-motivated with logical and analytical thinking abilities.

Join our dynamic team at xcellink as a Mid-Level Cybersecurity Engineer. In this pivotal role, you will utilize your technical skills to protect critical information systems and facilitate secure operations across our organization.Key ResponsibilitiesConduct security assessments and penetration testing to identify vulnerabilities and develop threat models.Implement and automate security tools within CI/CD pipelines to enhance security measures.Respond to security incidents and provide education on secure coding practices to developers, ensuring adherence to security standards and regulations.Collaborate with IT and other departments to promote and implement security best practices.Stay informed about emerging cybersecurity trends, threats, and technologies.Monitor security systems and assist in incident response efforts.Evaluate current cybersecurity protocols and propose improvements to strengthen security posture.Document findings, procedures, and recommendations comprehensively.Mentor and guide junior cybersecurity engineers within the team.

Assurity Trusted Solutions (ATS), a proud subsidiary of the Government Technology Agency (GovTech), is at the forefront of providing a robust suite of cybersecurity products and services. With over a decade of experience, ATS collaborates with GovTech, various government agencies, and commercial partners to enhance security frameworks and mitigate cyber risks in an evolving digital landscape. Our commitment to trust and collaboration drives unparalleled business outcomes.Key Responsibilities:Lead the Security Orchestration, Automation, and Response (SOAR) processes to streamline cybersecurity operations and enhance incident response efficiency.Design and implement automated workflows to minimize manual cybersecurity tasks.Develop and maintain automation scripts and playbooks to facilitate operations, including reporting, monitoring, and incident response.Establish and uphold development standards for playbooks, including naming conventions, parameterization, and logging protocols.Optimize existing sub-playbooks for improved performance, error handling, and flexibility.Refactor legacy playbooks to promote reusability and consistency.Oversee integration of the SOAR platform with third-party applications and systems to align with operational workflows.Conduct thorough testing and validation of playbooks to ensure robustness in automated workflows and integration code.Implement and manage automation technologies within existing security frameworks.Collaborate effectively with cross-functional teams to ensure the successful integration of security automation initiatives.Engage with third-party system administrators or vendors to resolve integration and data flow challenges.Define and execute interface testing scenarios to validate successful integration.Monitor automation performance, identifying and addressing bottlenecks or failure points.Document workflows, decision-making logic, sub-playbook dependencies, and version changes comprehensively.Stay abreast of emerging security threats and technologies to propose innovative automated solutions.Provide training and support to team members on automated security processes and tools.

Join Assurity Trusted Solutions (ATS), a leading subsidiary of the Government Technology Agency (GovTech), as we navigate the evolving digital and cyber landscape. For over a decade, ATS has been a trusted partner, delivering a robust range of products and services including infrastructure and operational services, authentication solutions, governance and assurance services, and managed processes. We collaborate with GovTech, various government agencies, and commercial partners to enhance security postures and mitigate cyber risks, striving for mutually beneficial outcomes in a world where trust and collaboration are paramount.We are actively seeking a skilled Cybersecurity Engineer specializing in Digital Forensics and Incident Response to join our dynamic team.Key Responsibilities:Lead incident response initiatives through every phase of an incident:Conduct thorough triage and investigations of suspected cybersecurity incidents to ascertain scope and severity.Develop and implement effective containment strategies.Carry out comprehensive investigations and root cause analyses to pinpoint attack vectors, tactics, and impacts.Perform digital forensic acquisitions and analyses of artifacts from diverse sources, including:Endpoint systems and serversNetwork devices and logsCloud environmentsMobile devices and storage mediaMaintain transparent communication with stakeholders throughout the incident lifecycle and prepare detailed post-incident reports with preventive recommendations.Offer expert insights for automating Security Operations (e.g., implementing SOAR playbooks).Develop and test incident response playbooks and processes.Stay informed of the cybersecurity landscape and emerging threat actor TTPs.

Join Assurity Trusted Solutions (ATS), a proud subsidiary of the Government Technology Agency (GovTech), where we have been a trusted partner for over a decade. Our mission is to provide an extensive range of products and services, including infrastructure and operational services, authentication services, as well as governance and assurance services. In a rapidly evolving digital landscape, we are committed to fostering trust and collaboration with GovTech, government agencies, and commercial partners to effectively mitigate cyber risks and enhance security postures.We are seeking a passionate and experienced Senior Cybersecurity Engineer, specializing in Endpoint Protection and Endpoint Detection and Response, to join our dynamic team!Your Key Responsibilities: Lead the implementation of enterprise security infrastructures, focusing on Endpoint Protection (EPP) and Endpoint Detection and Response (EDR), which includes contractor management, design validation, and test acceptance. Develop and maintain comprehensive security policies for EPP and EDR to monitor compliance and detect potential security threats. Engage with stakeholders to translate business, technology, and security requirements into actionable roadmaps for EPP/EDR enhancements and rollouts. Oversee ongoing maintenance of enterprise security infrastructures to ensure service and security posture reliability. Provide consultancy for threat and risk assessments throughout the system lifecycle, from implementation through to maintenance. Establish and maintain disaster recovery procedures, and conduct security breach drills. Assist in managing security incidents, focusing on containment and recovery processes. Plan and participate in security operations to ensure adherence to defined information security policies and standards, while adapting to evolving security threats.

Assurity Trusted Solutions (ATS), a subsidiary of the Government Technology Agency (GovTech), has been a reputable partner in the cybersecurity domain for over a decade. We provide an extensive range of services including infrastructure management, operational services, governance, assurance, and managed processes. In an ever-evolving digital landscape where trust and collaboration are paramount, ATS is committed to fostering secure environments through partnerships with GovTech, government agencies, and commercial stakeholders, effectively mitigating cyber risks and enhancing security frameworks.Key Responsibilities:GRC Leadership & Second Line of DefenceLead the governance of risk and compliance (GRC) within our team, shaping our approach to managing risks across various products and platforms.Function as the second line of defence for ICT risk and controls, providing an independent review of risk management, control design, and their effectiveness.Collaborate closely with the Product team to incorporate practical security measures and compliance protocols into daily operations.Security Plan Governance and AutomationOversee the governance and standards for Security Plan submissions across CIOO and product teams, ensuring templates, minimum evidence expectations, and quality benchmarks are maintained.Evaluate Security Plans and supporting documentation, assess control coverage and implementation maturity, and recommend approvals to stakeholders.Implement automation as an ongoing audit mechanism:Work with product and platform teams to establish automated checks for Security Plan evidence.Utilize automated checks to identify gaps, anomalies, and missing evidence, driving remediation efforts with product teams.Monitor and report on KPIs related to Security Plans, including control coverage, consistency, cycle times, and defect rates across CIOO and product teams.ICT Audit and Evidence ManagementDevelop, implement, and manage workflows for ICT audit, risk management, and findings reporting.Organize and maintain documentation and knowledge repositories as the definitive source for:ICT audit plans, scopes, and proceduresControl descriptions and standard evidence templatesCentralized repositories of audit evidence and Security Plan materialsPlan and conduct thematic and product-level ICT audits under the CISO’s guidance, independently verifying:Completion of required tasksReliability and sufficiency of evidence provided by product teams

Adventus is a leading Information and Communications Technology (ICT) Solutions and Services Provider with a significant global presence.Our mission is to empower organizations to drive transformative change by utilizing intelligent applications of innovative solutions and essential services, enabling them to excel in an increasingly competitive marketplace.With a robust network of technology partners, unparalleled domain expertise, and a unique value proposition, we consistently strive to exceed our customers' expectations.

Job Summary: Join us as a Trend Micro Engineer, where you will be instrumental in enhancing our IT security framework and operational efficiency. Your expertise will focus on utilizing the comprehensive suite of Trend Micro products, including Apex One, IMSVA, IWSVA, Server Protect, Email Security, and Cloud App Security, while integrating them with Microsoft Deployment Toolkit (MDT). By leveraging Trend Micro DDAN, Control Manager, and Apex Central, you will ensure robust threat intelligence and centralized management, thereby guaranteeing the secure, reliable, and optimized performance of our clients' IT infrastructure post-implementation.Key Responsibilities:Product Expertise and Deployment:Serve as the resident expert on Trend Micro and MDT products.Deploy, configure, and manage Trend Micro solutions to enhance IT operations.Continuous Monitoring and Maintenance:Utilize Control Manager and Apex Central for ongoing operational monitoring.Conduct routine maintenance, updates, and patches to address vulnerabilities.Incident Response and Problem Solving:Lead responses to cybersecurity threats and technical challenges using Trend Micro DDAN.Deliver immediate resolutions to minimize disruptions and boost operational efficiency.Security Policies and Compliance Management:Devise and implement stringent security protocols across all IT systems.Ensure compliance with regulatory standards and internal policies, using Trend Micro solutions for data protection and threat prevention.Reporting and Data Analysis:Create detailed reports on security incidents, system performance, and compliance status.Provide actionable insights and recommendations to optimize systems and mitigate risks.Collaboration and Training:Work closely with IT teams and various departments to promote secure and efficient operations.Facilitate training sessions on Trend Micro product functionalities, cybersecurity best practices, and effective system utilization.

As a wholly owned subsidiary of the Government Technology Agency (GovTech), Assurity Trusted Solutions (ATS) has established itself as a leading Trusted Partner over the past decade. We provide an extensive range of products and services, including infrastructure and operational services, governance and assurance services, along with managed processes. In today's fast-evolving digital and cyber landscape, where trust and collaboration are paramount, ATS is dedicated to fostering mutually advantageous business outcomes by working closely with GovTech, government agencies, and commercial partners to mitigate cyber risks and enhance security frameworks.We are seeking a skilled AI Engineer to develop agentic AI systems for various cybersecurity applications. This role integrates large language models (LLMs) with robust AI/ML foundations, including data pipelines, classical machine learning where applicable, thorough evaluations, and essential safety measures. The position is a direct contract with us until March 31, 2027, with the possibility of extension based on performance.Key Responsibilities:Design, develop, and deploy agentic AI functionalities such as planning/execution loops, tool utilization/function calling, and multi-step workflows aimed at security applications like vulnerability triage, assistive exploit reproduction, and incident-response support.Implement and strengthen retrieval-augmented generation (RAG) techniques, encompassing indexing, chunking, routing, re-ranking, feedback loops, and data governance tailored for sensitive environments.Establish evaluation and observability frameworks for LLM/agent workflows, including tracing, cost/latency/quality dashboards, and both offline and online evaluations to facilitate product enhancements.Develop safety measures and guardrails including content policies, schema/output validation, PII redaction, prompt-injection defenses, and controlled tool permissions, while monitoring these mechanisms in production environments.Utilize traditional machine learning techniques for tasks like classification, regression, and anomaly detection when advantageous; conduct A/B testing and error analysis to identify the optimal approach.Take ownership of productionization processes, including CI/CD for AI applications, containerization, scalable inference endpoints, vector/search infrastructure, and operational runbooks with established service-level objectives (SLOs) for reliability.Collaborate effectively with product and security teams to define challenges, produce concise design documentation, and rapidly iterate while adhering to security and privacy standards.Carry out other assigned tasks as necessary; responsibilities may evolve with the product requirements.

Role overview Sopra Steria seeks a Cybersecurity Consultant based in Singapore. The role centers on supporting clients as they improve their digital security posture. Consultants assess client environments and deliver solutions that protect data and networks from current and emerging threats. Key responsibilities Engage with clients to identify and analyze their cybersecurity needs Develop and apply security measures tailored to each client’s situation Participate in projects focused on enhancing digital protection and managing new risks Help advance the team’s cybersecurity practices through ongoing contributions

Join ASM: Where Innovation Meets CollaborationWith over 55 years of pioneering advancements in technology, ASM is at the forefront of semiconductor innovation. Our diverse team of over 4,500 professionals from 70 nationalities is instrumental in shaping the future through groundbreaking developments in 5G, cloud computing, AI, and autonomous driving. At ASM, we believe that technology can drive positive change, and we are committed to diversity, inclusion, and sustainability. Our development programs are designed to nurture your growth and unleash your potential.Role OverviewAs a Senior Cybersecurity Analyst, you will play a vital role in fortifying ASM’s global digital infrastructure by integrating robust security measures into essential systems and strategic projects. Your collaborative approach will help establish resilient security capabilities that safeguard our people, technology, and operations, empowering ASM to innovate confidently in a rapidly evolving semiconductor sector where reliability and trust are paramount.Key ResponsibilitiesEngage in architectural and design discussions for new solutions and initiatives.Collaborate with cross-functional teams to embed effective security controls into systems and processes.Assist in security investigations, assessments, and remediation efforts.Develop, implement, and uphold IT governance, risk, and compliance (GRC) frameworks, standards, and policies.Conduct cybersecurity and compliance risk evaluations across various technologies and business domains.Ensure that security controls are functioning effectively and consistently across teams.Support gap assessments, internal audits, and external audits.Participate in vendor due diligence processes and manage vendor risks.Engage in disaster recovery and business continuity planning, including cyber drills and business impact assessments.Serve as a cybersecurity expert for global IT teams, business partners, vendors, and contractors.Align cybersecurity priorities with business objectives through stakeholder engagement.Work collaboratively across time zones, with a willingness to accommodate occasional after-hours meetings.Lead or support security enhancement initiatives in areas such as OT security, AI security, and supply chain security.