Application Security Engineer (AAD) (Contract)

The Monetary Authority of Singapore (MAS) is Singapore’s central bank and integrated financial regulator.

As central bank, MAS promotes sustained, non-inflationary economic growth through the conduct of monetary policy and close macroeconomic surveillance and analysis. It manages Singapore’s exchange rate, official foreign reserves, and liquidity in the banking sector.

As an integrated financial supervisor, MAS fosters a sound financial services sector through its prudential oversight of all financial institutions in Singapore – banks, insurers, capital market intermediaries, financial advisors, and stock exchanges. It is also responsible for well-functioning financial markets, sound conduct, and investor education.

MAS also works with the financial industry to promote Singapore as a dynamic international financial centre. It facilitates the development of infrastructure, adoption of technology, and upgrading of skills in the financial industry.

Join us now, if you have a genuine interest in making an impact to help shape Singapore’s economic and financial landscape.

[What you will be working on]

We are seeking an experienced Application Security Engineer to be part of the Application Architecture and Engineering Division (AAD) and strengthen our organisation's security posture by implementing robust security measures throughout our software development lifecycle. The ideal candidate will work closely with development teams and operation teams to ensure security is embedded in our applications from design to deployment.

In this position, you will:

• Conduct security assessments, threat modelling, and code reviews to identify vulnerabilities in applications

• Design and implement security controls, authentication mechanisms, and encryption solutions

• Develop and maintain secure coding guidelines and security standards

• Collaborate with development teams to remediate security issues and provide guidance on secure coding practices

• Conduct security awareness training sessions for development teams

• Monitor and respond to security incidents related to application vulnerabilities

• Evaluate and implement security tools and technologies

• Maintain documentation of security processes and procedures

[What we are looking for]

• Bachelor's degree in Computer Science, Information Security, or related field

• At least 3 years of experience in application security or software development with security focus

• Strong knowledge of secure coding practices and OWASP Top 10 vulnerabilities

• Proficiency in common programming languages (e.g., .Net Core, Java, Python, JavaScript)

• Experience with security testing tools and methodologies

• Understanding of cryptography, authentication, and authorisation protocols

• Knowledge of common security frameworks and standards (ISO 27001, NIST, etc.)

• Security certifications (CISSP, CEH, OSCP, or equivalent)

• Experience with cloud security (AWS, Azure, GCP)

• Knowledge of DevSecOps practices and tools

• Familiarity with containerisation and microservices security

• Strong analytical and problem-solving abilities

• Excellent communication and collaboration skills

• Experience with security incident response

As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.

This contract will end in Dec 2029. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.