Senior Information Security Engineer
- Enhance security across core domains including network, system, email, cloud, and data security.
- Act as a security advisor for major IT projects, ensuring risks are identified, managed, and mitigated.
- Manage and optimise a broad suite of security tools to ensure effective deployment and ongoing operation.
- Lead the design and implementation of security solutions and architectures protecting critical assets.
- Provide second‑line support for Security Operations, acting as an escalation point for complex issues.
- Conduct threat modelling and risk assessments to identify vulnerabilities and define mitigation strategies.
- Oversee the relationship with the Managed Detection & Response (MDR) provider to ensure continuous improvement.
- Deliver key initiatives on the security roadmap, aligned to business objectives and evolving threats.
- Collaborate with cross-functional teams to promote security awareness and integrate best practices across the business.
- 10 years' experience in information security roles such as security engineering, architecture, operations, or application security.
- Hands-on experience with threat modelling, penetration testing, and automated security validation.
- Strong understanding of cloud, network, and systems security principles.
- Scripting experience in at least one language; Python or PowerShell preferred.
- Familiarity with security technologies including EDR, DLP, vulnerability scanners, firewalls, and email gateways.
- Strong analytical and problem-solving skills, capable of addressing complex issues and designing practical solutions.
- Excellent communication skills with the ability to partner effectively with both technical and non-technical teams.
- Degree in Computer Science, Engineering, or a related STEM discipline.
- Deep knowledge of risk assessment methodologies.
- Exposure to security best practices across Azure, AWS, and GCP.
- Ability to analyse software for security risks, including code review, SAST/DAST, and identifying vulnerabilities in application design.
- Familiarity with regulatory frameworks (e.g., SEC Cybersecurity rules, MAS TRM Guidelines, NFA Cybersecurity Guidance, GDPR).
- Relevant security certifications.
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your resume and details on file so when we see similar roles or see skillsets that drive growth in organizations, we will always reach out to discuss opportunities.
Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.
That's why we recommend registering your resume so you can be considered for roles that have yet to be created.
Yes, we help with resume and interview preparation. From customized support on how to optimize your resume to interview preparation and compensation negotiations, we advocate for you throughout your next career move.