About this role
[What the role is]
We are seeking an experienced Application Security Engineer to be part of the Platforms Architecture & Engineering (PAE) and strengthen our organisation's security posture by implementing robust security measures throughout our software development lifecycle. The ideal candidate will work closely with development teams and operation teams to ensure security is embedded in our applications from design to deployment.[What you will be working on]
In this position, you will:
Conduct security assessments, threat modelling, and code reviews to identify vulnerabilities in applications
Design and implement security controls, authentication mechanisms, and encryption solutions
Develop and maintain secure coding guidelines and security standards
Collaborate with development teams to remediate security issues and provide guidance on secure coding practices
Conduct security awareness training sessions for development teams
Monitor and respond to security incidents related to application vulnerabilities
Evaluate and implement security tools and technologies
Maintain documentation of security processes and procedures
[What we are looking for]
Bachelor's degree in Computer Science, Information Security, or related field
At least 3 years of experience in application security or software development with security focus
Strong knowledge of secure coding practices and OWASP Top 10 vulnerabilities
Proficiency in common programming languages (e.g., .Net Core, Java, Python, JavaScript)
Experience with security testing tools and methodologies
Understanding of cryptography, authentication, and authorisation protocols
Knowledge of common security frameworks and standards (ISO 27001, NIST, etc.)
Security certifications (CISSP, CEH, OSCP, or equivalent)
Experience with cloud security (AWS, Azure, GCP)
Knowledge of DevSecOps practices and tools
Familiarity with containerisation and microservices security
Strong analytical and problem-solving abilities
Excellent communication and collaboration skills
Experience with security incident response
As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.
This is a 2-Year Contract. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.
Other facts
About Public Service Division
The Government Technology Agency of Singapore (GovTech) is the lead agency driving Singapore's Smart Nation initiative and public sector digital transformation. We harness the power of technology to make lives better for citizens, businesses, international audiences and the public service sector.
Our mission: Engineering Digital Government, Making Lives Better.
Our goal is to create a government that is "Digital to the Core, and Serves with Heart". We achieve this by using technology to create services that are easy, seamless and secure for people to use, and placing the needs of citizens and businesses at the centre of everything we do.
As a digital government, our public officers are also able to continually upskill, adapt to new challenges and work more effectively across agencies as well as with citizens and businesses in Singapore.
What you'll do
- The Application Security Engineer will conduct security assessments, threat modelling, and code reviews to identify vulnerabilities in applications. They will also design and implement security controls and collaborate with development teams to remediate security issues.
Ready to join Public Service Division?
Take the next step in your career journey