Cyber Security Engineer

Company Description

OUR STORY

Let’s be honest: there are lots of people out there doing what we do. We’re just not convinced they’re doing it right. Businesses are hungry for innovation and opportunity, but not at the cost of their independence. At Ollion, we’ve connected companies and capabilities around the world to help ambitious organizations make the most of their transformation and leave the status quo in the dust.

WORKING AT OLLION

Innovation is risky. It demands bold steps and big questions, but that’s the price of making change. We’ve got our head in the cloud and two feet on the ground, channeling tech’s endless potential towards a single goal: making a world of difference. And we’re building a global team to do just that— a team capable of making game-changing breakthroughs without ever losing sight of the people it will impact. This is more than consulting. This is the change you can be.

THE OLLION DIFFERENCE

At Ollion, we’re all in on your independence. Our teams are seasoned. Our solutions are straightforward—sometimes even groundbreaking. And our engagements? Exactly as long as you want them to be. We deliver fresh thinking and hard-earned insight in a way that works for you and your customers, arming your organization with everything you need to make your transformation truly mean something.

WORKING WITH OLLION (our clients’ experiences)

Progress matters more than process. Our global team of cloud-native pros is all about creating new and better ways to work—not just by solving your tech challenges, but by using technology to solve your business challenges. We keep the formulas, frameworks, and ten-point plans to a minimum, tackling your most pressing problems with a proprietary mix of good-old-fashioned ingenuity and refreshing humanity.

DIVERSITY AT OLLION 

One of our cultural keystones, ‘Find the angle’ recognizes that every individual has different aspirations, needs and brings a unique perspective. 

We value diversity, inclusion, and equity (DE&I) as core to our success. We believe that a diverse workforce brings together unique perspectives, experiences, and ideas, leading to innovation, creativity, and better outcomes for our clients and our organization. We are on a journey and are committed to building a workplace that celebrates and respects individuals from all backgrounds, including but not limited to race, ethnicity, gender, sexual orientation, age, disability, and cultural heritage.

As our commitment to diversity and inclusion is reflected in our: 

• Awareness and sensitisation programs: to create awareness and sensitisation. We encourage open dialogue, active listening, and mutual respect, creating a safe and supportive environment for everyone to contribute their unique perspectives and ideas. 
• Dedicated efforts to building diverse teams: that leverage the strength of our differences to tackle complex challenges and drive innovation. By embracing diversity, we broaden our collective knowledge, enhance problem-solving capabilities, and unlock limitless potential for our employees.

Job Description

Job Summary:

As a CyberSecurity Engineer for the Singapore Public Sector, you will play a critical role in securing large-scale, transformative projects for government agencies and public organizations. Your responsibilities will include conducting Threat Risk Assessments (TRAs), performing continuous penetration testing for common services, implementing security measures, ensuring compliance with public sector regulations, and managing security incidents. You will work closely with cross-functional teams to ensure that security is embedded throughout the software development lifecycle and that systems remain secure, resilient, and compliant with public sector regulations.

This role offers a unique opportunity to contribute to the digital transformation of Singapore’s public sector, ensuring that government agencies can leverage modern technologies while maintaining high standards of cybersecurity and data protection.

Key Responsibilities:

Penetration Testing & Threat Risk Assessments (TRAs):

• Conduct Threat Risk Assessments (TRAs) to identify potential vulnerabilities in client systems, networks, and applications, and recommend mitigation strategies.

• Perform continuous penetration testing on common services to simulate real-world attacks, identify exploitable weaknesses, and ensure security posture remains robust over time.

• Collaborate with cross-functional teams to identify and address security vulnerabilities across the development lifecycle.

• Regularly update and maintain security test plans, ensuring they reflect the evolving threat landscape and system changes.

Security Architecture & Risk Management:

• Lead the design and implementation of secure cloud architectures, integrating security practices in platforms like AWS and Azure.

• Monitor security threats and incidents, ensuring rapid response and resolution to minimize damage and maintain service continuity.

• Ensure compliance with government cybersecurity regulations and assist in audits and certification processes.

• Provide expertise in incident response planning, vulnerability management, and security monitoring to ensure the organization is prepared to handle security breaches.

Security Operations & Incident Management:

• Respond promptly to security incidents, manage the identification, containment, and remediation of security breaches, and assist with post-incident analysis.

• Implement and manage security monitoring tools and dashboards to detect, track, and resolve security incidents in real time.

• Maintain continuous vigilance on the security health of deployed systems, ensuring that common services remain resilient to evolving threats.

Team Collaboration & Development:

• Work in collaboration with internal teams to define and implement security controls, monitor security health, and ensure ongoing system security and resilience.

• Provide mentorship and training to junior security engineers, sharing knowledge on security best practices and penetration testing techniques.

• Promote a culture of security awareness across the organization and ensure security is prioritized in all stages of project development and delivery.

Compliance & Data Security:

• Ensure that all security solutions meet compliance requirements for public sector projects, including data governance, data protection laws, and security certifications.

• Work with legal and compliance teams to ensure that security measures align with the public sector’s data privacy requirements (e.g., PDPA, IM8).

• Provide guidance on data encryption, access controls, and secure data storage solutions for public sector projects.

Qualifications

Education & Experience:

• Bachelor’s or Master’s degree in Computer Science, Computing, Electrical Engineering, Information Technology (IT), or an equivalent field.

• At least 3 years of experience with security setup and monitoring of cloud-provisioned resources (e.g., AWS, Azure).

• At least 5 years of experience in cybersecurity engineering, with a focus on protecting IT infrastructures and sensitive data.

• Minimum of 2 years of experience working on public sector or government cybersecurity projects.

• Hands-on experience with cloud platforms (AWS, Azure, GCP) and implementing security in cloud-based environments.

• Experience in agile development and DevOps methodologies is required.

• Proven experience in penetration testing, vulnerability assessments, and security audits for both internal and external environments.

• Demonstrated experience with cybersecurity frameworks, standards, and compliance regulations (e.g., NIST, ISO 27001, PDPA).

Certifications:

• Must possess one of the following:

  • CREST certification, OR

Both the Offensive Security Certified Expert (OSCE) and Offensive Security Certified Professional (OSCP) certifications.

Skills & Expertise:

• Strong knowledge of cybersecurity principles, including risk management, threat detection, incident response, and penetration testing.

• Hands-on experience with security tools and technologies, including firewalls, IDS/IPS, SIEM, endpoint protection, and encryption solutions.

• Deep understanding of cloud security best practices, particularly for AWS, Azure, and GCP environments.

• Familiarity with government regulations and compliance requirements, such as PDPA, IM8, and other public sector-specific cybersecurity mandates.

• Proficient in programming and scripting languages (e.g., Python, Bash, PowerShell) to automate security tasks.

• Experience with penetration testing tools (e.g., Burp Suite, Kali Linux, Metasploit, Nessus) and vulnerability scanning tools.

• Excellent communication and interpersonal skills, with the ability to engage with both technical teams and senior public sector stakeholders.

Additional Information

BENEFITS & PERKS FOR WORKING AT OLLION

Our employees multiply their potential because they have opportunities to: Create a lasting Impact, Learn and Grow professionally & personally, Experience great Culture, and Be your Whole Self!

Beyond an amazing, collaborative work environment, great people, and inspiring, innovative work, we have some great benefits and perks:

• Benchmarked, competitive, in-market total rewards package including (but not limited to): base salary & short-term incentive for all employees
• Fully remote-first, small but Global organization; ‘learn wherever, whenever’ frees our people from a rigid view of learning and growth
• Retirement planning (i.e. CPF, EPF, company-matched 401(k))
• Globally, we build benefit plans that offer choices for whatever stage in life our employees are in and allow for flexibility as life happens. Employees have access to a fully comprehensive benefits package to choose the medical, dental, and vision insurance plan that best fits their lives. In addition to great healthcare coverage, we also offer all employees mental health resources and additional wellness programs.
• Generous time off and leave allowances
• And more!

Ollion is an equal opportunity employer. We celebrate diversity and we are committed to creating an inclusive environment for all employees. Ollion does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, parental status, military service, or other non-merit factor.