Principal Threat Risk Consultant

Open to Singaporean citizens Only

Principal Threat Risk Consultant (DXO) – Digital Ops-Tech Centre (DOTC)

About Us

The Digital Ops-Tech Centre (DOTC) is a new established unit, formed within the Digital and Intelligence Services tasked to explore cutting edge technology and adopt best tech practices. As the Centre of Excellence for Software Engineering, DOTC develops our Armed Forces capabilities to increase productivity and efficiency of our operations.

We offer you a purposeful career where we empower our people to master their craft through robust learning and development opportunities all year round. If you are interested in building tech to advance our nation's defence capabilities, do join us in our mission to build impactful products. Learn more about us at dotc.gov.sg.

What We Offer You

We empower our people with continuous learning and development opportunities throughout the year. If you are passionate about building technology to strengthen our national defence, we invite you to join us in developing cutting-edge solutions. Learn more at dotc.gov.sg.

Who We Are Looking For:

We are looking for a Principal Threat Risk Consultant to develop and execute cybersecurity strategies, assess security risks, analyse complex threats and vulnerabilities in systems and applications. You will be involved in conducting security assessments, designing mitigation plans, and performing threat simulation. You will also develop cybersecurity policies, frameworks and provide expert advice to enhance the organisation's security blueprints.

What You Will Bring:

• At least 10 years of working experience in cybersecurity.
• Experience in conducting security assessments, vulnerability management and incident response.
• Possesses a strong understanding of various cybersecurity domains, including network security, cloud security, application security and incident response.
• Well-versed in local security laws and regulations.
• Ability to adapt to changing situations/ environments and processes, while maintaining effectiveness under stressful conditions.
• Excellent communication skills to influence both leadership and team members.

What You Will Do:

• Develop and execute a comprehensive cybersecurity strategy.
• Analyse complex security issues and develop effective mitigation plans.
• Develop and implement strategies to identify assets prone to cyber threats and attacks.
• Conduct comprehensive assessment of the applications to uncover potential threats and vulnerabilities in the design, implementation, deployment or configuration of the application and systems.
• Conduct in-depth analysis of existing threats and identify existing gaps in the current cybersecurity set-up.
• Provide advice on the design and implementation of security policies and controls on identified assets.
• Conduct research on new and existing threats that may impact existing IT systems.
• Recommend and develop approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
• Work in conjunction with other digital departments to determine software release criteria and archetypes that will guide the software release approval process.
• Develop policies and frameworks for conducting cybersecurity risk assessments and compliance audits on products
• Identify potential threats that may affect applications and systems using the knowledge of the application and system vulnerabilities.
• Run simulations on the systems to identify the possibilities of threats and extent of damage they could cause.
• Prioritise and rate identified threats based on its severity.
• Document new threats based on a core set of attributes to develop threat mitigation protocols.
• Provide guidance on threat mitigation strategies and potential threats and cyberattacks to ensure current cybersecurity standards and setup are updated.