jobs in MAESTRO HUMAN RESOURCE PTE. LTD.

MAESTRO HUMAN RESOURCE PTE. LTD. Hiring! Full Time IT Security Lead (AMK) in Islandwide (Singapore), Earn up to SGD 6,000 - Ricebowl

IT Security Lead (AMK)

MAESTRO HUMAN RESOURCE PTE. LTD.

SGD6,000 - SGD6,000 Per Month

Islandwide (Singapore)

Share
Save

Working Location

  • Islandwide (Singapore) Singapore

Job Description

Responsibilities

Job Summary

The IT Security Lead manages end-to-end security governance, compliance, and operations for mission-critical systems, collaborating with cross-functional teams and external auditors to ensure adherence to government security policies.

Responsibilities

Day 1 – Project / Implementation Security

  • Define and implement system security architecture aligned with Singapore Government policies
  • Review application, middleware, infrastructure, and platform designs for security compliance
  • Conduct threat modeling and risk assessments, mapping risks to mitigating controls
  • Translate policy requirements into actionable technical controls across technology stacks
  • Ensure compliance with IM8, Whole-of-Government security requirements, and PDPA where applicable
  • Establish and oversee cybersecurity governance across infrastructure, application, and project teams
  • Prepare and maintain documentation including Security Risk Assessments, Vulnerability Assessments, Penetration Testing reports, and security hardening baselines
  • Partner with software teams to enforce secure coding standards and DevSecOps practices
  • Integrate and govern SAST/DAST, dependency/SCA scanning, and container image scanning within CI/CD pipelines
  • Review and triage security tool findings, driving remediation and risk acceptance decisions
  • Provide guidance on API security, token/secret management, and secure service-to-service communication
  • Plan, coordinate, and manage vulnerability and penetration testing engagements and vendors
  • Track remediation progress to closure and document residual risks and risk acceptance
  • Support security clearances and go-live certifications
  • Review and approve OS, middleware, database, Kubernetes/container security, API gateway, WAF, rate-limiting, and authentication configurations

Day 2 – Operations / Production Security

  • Lead security incident investigations, containment, and recovery efforts
  • Perform root cause analysis and define corrective and preventive actions
  • Coordinate with Government SOC and stakeholders; contribute to and refine incident response playbooks
  • Communicate security incidents clearly to technical and non-technical audiences
  • Oversee continuous vulnerability monitoring and posture management
  • Track patch and configuration compliance across infrastructure, middleware, applications, and containers
  • Provide risk assessments and compensating controls for deferred patches
  • Review and tune alerts, detections, and dashboards in SIEM and related tools
  • Ensure monitoring coverage for critical systems and high-value assets
  • Support internal and external audits, evidence collection, and closure of audit findings
  • Prepare and present security posture, metrics, and trend reports to management
  • Maintain risk registers and mitigation plans with up-to-date security documentation
  • Communicate security assessments and findings effectively to varied stakeholders
  • Oversee and periodically review RBAC, MFA, Privileged Access Management, and joiner/mover/leaver processes
  • Ensure least privilege access, segregation of duties, and periodic access recertifications
  • Support incident response handling, log analysis, and activity reviews
  • Drive continuous improvement across identify, protect, detect, respond, and recover functions

Required competencies and certifications

  • Degree in Computer Science, Cybersecurity, Information Security, or equivalent
  • 8–12 years of IT experience including at least 5 years as a Security Lead or Security Architect
  • Proven experience in Singapore Government IT projects and IM8/government security compliance
  • Hands-on experience with Kubernetes/Docker security, API security, Identity & Access Management (IAM), and security tools (SAST/DAST/SIEM) integrated with CI/CD

Preferred competencies and qualifications

  • Certifications such as CISSP, CISM, CISA, CEH, GIAC (e.g., GSEC, GCIA, GCIH, GCSA)
  • AWS or Azure Security certifications

5 day week @ AMK area


Maestro HR
damien lee tian hong
R1106726
16C8462

Important Information

Never provide your bank or credit card details when applying for jobs. Do not transfer any money or complete unrelated online surveys. If you see something suspicious, Report this Job ad.

Learn More