Senior Information Security Specialist

Be a part of something BIG!

The Senior Information Security Specialist will be responsible to provide independent security architecture and risk assurance across technology initiatives, ensuring that information security risks are identified early, assessed consistently, and managed effectively throughout the system lifecycle. The role enables secure delivery of business initiatives by ensuring technology solutions, infrastructure changes, and third-party services are designed and implemented in compliance with regulatory requirements, enterprise security standards, and the organisation’s risk appetite.

The role acts as a security risk and architecture advisor to Singtel IT, Telco Networks and Enterprise stakeholders, applying recognised security frameworks and threat modelling techniques to evaluate design decisions, identify control gaps, and recommend risk-based mitigations. Through continuous improvement of risk assessment practices and standards, the role strengthens the organisation’s overall security posture while supporting timely and informed decision-making.

Make an Impact by:

• Perform comprehensive information security risk assessments for new and existing systems, applications, infrastructure changes, and third-party engagements
• Identify, analyse, and evaluate security risks using recognised frameworks such as MAS TRM, ISO 27001/27005, NIST, and CIS Controls.
• Ensure technology initiatives and controls comply with internal security policies, standards, and governance requirements; proactively highlight gaps and recommend remediation. 
• Review and validate security control designs across IT infrastructure, cloud environments, network security, identity and access management, data protection, and application security
• Assess design documents, architecture diagrams, and technical controls to confirm that technology risks are mitigated prior to go-live.
• Conduct threat modelling for critical systems and application deployments, identifying attack paths, threat scenarios, and control weaknesses, and recommending design-level mitigations.
• Collaborate with IT, application teams, and business stakeholders to provide risk advisory for projects and ad hoc reviews.
• Define, review, and promote secure architecture and security design patterns to guide solution teams in implementing consistent, scalable, and risk-aligned security controls.
• Drive continuous improvement of security risk assessment and design review frameworks, processes, and templates to enhance consistency, quality, and efficiency across project and solution reviews.
• Recommend new or enhanced security controls and architecture patterns based on emerging threats, risk assessment outcomes, regulatory changes, and industry best practices, and work with stakeholders to support their implementation.

Skills for Success:

• Degree/Diploma in Information Technology, Computer Science, Engineering or related fields
• At least 6 years or more working experience in security assessment, cybersecurity, or related IT roles.
• Experience working within system integrator or consulting environments, including exposure to multi-client or complex delivery engagements, is an advantage.
• Hands-on experience in system and security administration, implementation, and solution design across servers, applications and telco networks, will be useful. 
• Ability to apply security architecture principles (e.g. defence-in-depth, least privilege, secure-by-design) to complex enterprise environments.
• Strong capability in threat modelling and technology risk assessment, including identification of threat scenarios, assessment of control effectiveness, and recommendation of risk mitigation strategies.
• Ability to interpret security baselines and standards and translate them into appropriate architectural and control requirements, aligned with regulatory, enterprise, and technology contexts.

Your Career Growth Starts Here. Apply Now!