Lead, Cloud Security COE

At Singtel, we believe in the strength of a vibrant, diverse and inclusive workforce where backgrounds, perspectives and life experiences of our people help us innovate and create strong connections with our customers. We strive to ensure all our people practices are non-discriminatory and provide a fair, performance-based work culture that is diverse, inclusive and collaborative.

Join us and experience what it’s like to be with an Employer of Choice*. Together, let’s create a brighter digital future for all. *Awarded at the HR Fest Awards 2020.

• Drive governance oversight and processes for cloud security compliance, best practices and risk management.

Provide cloud security advisory, design, engineering (including automation) and ops support for cloud security technology stacks.

Guide stakeholders during security escalation/incidents in the clouds and educate stakeholders on cloud security awareness and management reporting.

Support management reporting cloud security risks, remediation plans, and security metrics.

Drive cost-effective and streamlined operation of in-scope cloud security technology stacks.

Engage with multiple E level stakeholders (e.g., Enterprise Architecture, Enterprise Platform, TI, Consumer Business, Enterprise Business, Enterprise IT, Corp Systems etc) having varied set of cloud security awareness, business considerations, priorities and risks.

Keep abreast with new emerging cybersecurity/cloud trends, risks and incidents, and regulatory requirements affecting Singtel.

Regularly review and learn from historical events, outside-in lessons and thematic analysis, and drive improvement plans. Consistently look forward and be proactive in identifying improvements to futureproof existing cloud security controls

Bachelor degree in Cybersecurity, Information Security, Computer Science or equivalent technical degree.

Professional certifications like CISSP, CISM, CISA, CCSP, CRISC, GCIH or OSCP will be preferred.

At least 8 Years or more Cybersecurity risk assessment and risk reduction initiatives.

Application, infrastructure, cloud and cybersecurity technologies including CNAPP, DevSecOps, containers.

Application/network vulnerability assessment and validation.

Regulatory requirements, security standards, and best practices pertaining to cybersecurity and cloud risk management.

MITRE frameworks, threat modelling, assessment, and hunting.

Security operations, especially security incident handling.

Cloud architecture, design, implementation, and operation.

Hands-on experience in system integrations and any of the abovementioned requirements will be preferred.

CSP-specific professional certifications from AWS, Azure, Google will also be advantageous.

Experience in conducting audit or assurance testing.

Experience in conducting thematic analysis.