Lead Data Security Engineer

Date: 9 Nov 2023

Location: Singapore, Singapore

Company: Singtel Group

At Singtel, our mission is to Empower Every Generation. We are dedicated to fostering an equitable and forward-thinking work environment where our employees experience a strong sense of Belonging, to make meaningful Impact and Grow both personally and professionally. By joining Singtel, you will be part of a caring, inclusive and diverse workforce that creates positive impact and a sustainable future for all.



Be a Part of Something BIG! 


In Group IT, we create great technology that can change the future, and we're looking for people to be part of our digital and 5G journey. If you like to work in a dynamic, leading communications technology group to deliver innovations and excellence across the region, come join our digital, software engineering, data and cyber security teams!


Apply now, and ignite our digital future together.


We are seeking a highly experienced and skilled Lead Data Security Engineer with 12 years of proven expertise in the data security domain, specifically with knowledge of Cloud Platforms (Azure, AWS) & Databricks. As the Lead Data Security Engineer, you will be responsible for developing and implementing robust data security strategies, protocols, and solutions to safeguard our organization's sensitive and critical information assets, with focus on securing data within Azure, Databricks' Unified Analytics Platform. This role demands a deep understanding of data security practices, hands-on implementation experience, risk & compliance management.



Make an Impact by


  • Develop and execute a comprehensive data security strategy aligned with the organization's overall security goals, risk management objectives and industry best practices.
  • Define and establish Cloud Security Posture Management (CSPM) guidelines and implementation.
  • Evaluate and implement data security standards such as Access Management, Tokenization, Data Masking, Hashing, DLP, authentication, authorization, Backup & Recovery, data disposition, data resiliency, data encryption.
  • Databricks Security Features: Utilize and configure Databricks (Unity Catalog) built-in security features such as access controls, Dynamic Views, workspace policies, network isolation, and single sign-on (SSO) for enhanced data protection.
  • Design & Implement Access Control Framework with Least Privilege Principles.
  • Evaluate and renew implemented data security, privacy, overall data control solutions to ensure their relevance and effectiveness in supporting business needs and regulatory requirement (PDPA, GDPR, ISO 27001, Telecom act etc.).
  • Data Encryption and Protection in Azure Platform & Databricks: Oversee the implementation and management of data encryption, tokenization, masking, and other security mechanisms within Databricks environments to protect sensitive data at rest, in transit, and during processing.
  • Implement and operationalize Zero trust posture and policy enforcement.
  • Review, analyze, benchmark, and approve solution design from product companies, internal teams and vendors.
  • Implement Data Access Audit & Monitoring, familiar with Azure stack such as Azure Monitor, Azure Sentinel.
  • Security Monitoring for Databricks: Implement and manage data security monitoring tools and systems tailored for Databricks environments, analyzing logs and alerts to detect and respond to potential security threats within Databricks.
  • Define Best-Practices and Process for protecting Data in Use, Data in Motion and Data at Rest (i.e., TLS, SAS, TDE, Server/Client-side encryption, storage encryption).
  • Responsible for automating Data Security Controls & Processes to provide improved operational support.
  • Interpret Data Security and Technical requirements into Business Requirements and communicate security risks to relevant stakeholders.
  • Implement IAM, SIEM solutions to Streamline fine grained access controls and security threat measure across the cloud landscape.
  • Design and implementation of Platform & Data security capabilities like Privilege Access Management, Vulnerability Assessment, End Point Protection, End Point Detection and Response, Certification Authority and Key Management, Application Security.
  • Incident Response for Databricks: Lead data security incident response efforts specifically related to Databricks, including investigation, containment, eradication, and recovery from security breaches or data leaks within Databricks environments.
  • Databricks Vulnerability Management: Develop and execute vulnerability assessment and management programs specifically targeting Databricks workloads, identifying and mitigating data security risks in a timely manner.
  • You also provide technical data security consultancy for key digital projects to ensure that the data security requirements on data collection, retrieval, storage, processing and transmission comply with the data security policies and standards.


Skills for Success 


  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
  • Minimum of 12 years of experience in data security, information security, or a related field, with specific knowledge and experience in securing data within Databricks' Unified Analytics Platform.
  • Expert in building data security, privacy solutions and Implementation
  • Experience in Implementing SIEM (Security Information & Event Management, E.g. Microsoft Sentinel, UEBA - user and entity behavior analytics)
  • Proven experience in leading and implementing data security initiatives for Databricks workloads in large-scale, complex environments.
  • Strong knowledge of data security principles, encryption, access control, and authentication protocols, with expertise in applying them within Databricks.
  • Familiarity with industry standards and frameworks such as ISO 27001, NIST, CIS Controls, etc., and their application to Databricks.
  • In-depth understanding of data privacy regulations and compliance requirements relevant to Databricks usage.
  • Experience with security technologies, including firewalls, intrusion detection/prevention systems, SIEM, etc., specifically as they relate to Databricks.
  • Hands-on experience with Databricks' built-in security features and configurations
  • Ability to troubleshoot and issue resolution complex security, privacy requirement
  • Experience on structured and unstructured data design / modeling, data access, security and data storage techniques
  • Experience with relational SQL and NOSQL DB
  • Experience to do cost estimation based on the design and development
  • Experience with Agile, DevOps tools and environment
  • Understanding DLP rules & configuration
  • Familiarity in encryption and tunnelling protocols (PKI, IPSec, SSL VPN, TLS, IKE, IKEv2, etc.)
  • Understanding Public Key Cryptography
  • Dynamic Data Masking –Informatica Suite, Protegrity, Oracle/Teradata Dynamic Masking or equivalent
  • Data Tokenization
  • Azure Data Encryption Services such as Macie
  • Secret Key Management
  • Implement Fine Grained Access Controls across the cloud landscape through (IAM)


Rewards that Go Beyond  


  • Hybrid work arrangements  
  • Full suite of health and wellness benefits   
  • Ongoing training and development programs   
  • Internal mobility opportunities


Your Career Growth Starts Here. Apply Now! 


We are committed to a safe and healthy environment for our employees & customers and will require all prospective employees to be fully vaccinated.