Security Architect

We are seeking a Specialist – Cybersecurity Architect with expertise in application, data, middleware, platform and infrastructure security to join our team. In this role, you will serve as a trusted cybersecurity advisor for new initiatives and projects; while also playing a key role in enhancing and optimizing existing security setups to ensure they meet industry standards and align with organizational objectives.

Security Architecture and Advisory

• To partner with stakeholders from IT, OT and business to define and deliver emerging security reference architectures and solutions.
• Review security design and provide technical guidance to project teams throughout the software development lifecycle and implement security by design principles
• Front technical discussions on cybersecurity-related matters and other emerging technology domains with stakeholders in Infra, application development and enterprise architect teams.
• Recommend and drive cybersecurity solution and initiatives to improve the cybersecurity posture of the organisation.
• Evaluate and recommend technologies and tools to establish and maintain the desired security posture across various technology stacks, including infrastructure, applications, and data.

Application and Data Security

• Define and implement secure design practices for data and APIs, ensuring proper authentication, authorization, and protection from common threats.
• Implement application security best practices, including secure coding standards, threat modelling, and vulnerability assessments.
• Guide and contribute application and data security design approaches, ranging from high level overview to deep dive into implementation details

Infrastructure Security

• Collaborate with IT Infrastructure teams to ensure secure configurations, and implement servers, networks and endpoints security best practices.
• Collaborate with OT/ICS teams to strengthen security controls for industrial systems.

Compliance and Governance

• Keep abreast of the cybersecurity trends, industry standards and new technology to improve security maturity within Jurong Port
• Perform security reviews, identifying gaps in security architecture, and developing a security risk management plan for Jurong Port, ensuring that the developed systems and architecture are consistent with the organisation’s cybersecurity policy.
• Define and manage architecture artefacts such as standard operating procedures documents, application security guides, reference documents, blueprints, technical and non-technical security requirements.
• Ensure compliance with cybersecurity frameworks such as NIST CSF, regulatory requirement such as CCoP, and relevant data protection regulations.

Qualifications:

• Bachelor’s degree in Information Technology, Computer Science, Engineering or its equivalent.
• 4 to 7 years of experience in cybersecurity, with a focus on application and data security.
• Hands-on experience designing secure systems and architectures for cloud, on-premises, and hybrid environments.
• Experienced in Security by Design principles and DevSecOps practices.
• Knowledge of industry standards such as NIST Cybersecurity Framework, CIS and CCoP.
• Relevant certifications such as GIAC, CISSP, CISM, CCSP, AWS Certified Security or similar are highly desirable
• Capable of working independently with minimum supervision.
• Good verbal and written communication skills to effectively engage both technical and non-technical stakeholders.
• Experience in technology and tools evaluation and recommendation in any or all areas of security from infrastructure to application.