Engagement Manager - (Public Sector)

At Xtremax, this role supports goverment partner agencies in strengthening the resilience of government IT infrastructure. As an IT Security Officer (ITSO), you will be responsible for safeguarding mission-critical systems, managing security risks, and ensuring compliance with industry standards and policies. This role involves proactive monitoring, incident management, governance, and collaboration with multiple stakeholders to protect government digital assets against evolving cyber threats. Candidates with public sector experience are preferred, as this role supports IT projects for government agencies.

Responsibility:

Agency Engagement & Stakeholder Management

• Act as the key liaison between GovTech’s cybersecurity teams and assigned government agencies.
• Understand agency needs and translate them into cybersecurity requirements.
• Provide guidance on adopting WOG cybersecurity platforms and services.
• Lead stakeholder meetings, updates, and steering committees.

Cybersecurity Project Delivery

• Manage end‑to‑end delivery of cybersecurity initiatives, including SIEM/SOAR onboarding, endpoint protection, cloud security uplift, Zero Trust implementations, and vulnerability management.
• Coordinate with GovTech engineering teams, architects, and solution owners to achieve project milestones.
• Ensure all deliverables meet GovTech standards.

Governance, Compliance & Risk

• Support agencies in complying with ICT&SS policies, IM8 requirements, and other cybersecurity standards.
• Track and report cybersecurity risks, audit findings, and remediation progress.

Change Management & Adoption

• Drive agency adoption of new cybersecurity tools and processes.
• Conduct workshops, onboarding sessions, and user communication activities.
• Promote cyber hygiene and secure‑by‑design practices.

Technical Competencies

• Familiarity with SIEM or log analytics platforms (Splunk, Elastic, QRadar, ArcSight) and security monitoring concepts.
• Experience and Familiarity with security logs from multiple sources.
• Good working knowledge of Linux (RedHat/Ubuntu)
• Platform integration skills are a plus - Experience in installation, configuration, documentation and administration of multiple pre-production and production platforms in Cloud (AWS, Azure, Google Cloud), virtual and physical environments
• Demonstrates self-direction and intellectual curiosity - Skilled in configuring test environments, executing proof-of-concept evaluations, and creating detailed procedural documentation.

Skills & Experience

• MUST have experience in Google Security Operations (SecOps) - Previously known as Google Chronicle
• MUST have AWS &/or Azure experience
• Experience in project or programme management in ICT or cybersecurity domains.
• Strong stakeholder management and communication skills.
• Ability to work across multiple teams and manage complex dependencies.
• Familiarity with cybersecurity concepts (e.g., network security, cloud security, SOC processes, vulnerability management).
• Understanding of government cybersecurity frameworks such as IM8 and ICT&SS policies (preferred).

Preferred Certifications

• CISSP, CISM, CCSP, or equivalent.
• PMP, PRINCE2, or Agile‑related certifications.
• ITIL Foundation is a plus.

By submitting your resume/CV, you consent and agree to allow the information provided to be used and processed by or on behalf of Xtremax Pte Ltd for purposes related to your registration of interest in current or future employment with us and for the processing of your application for employment.

You also represent to us that you have obtained the consent of your referees when you disclose to us their personal data for the purpose of conducting reference checks.

The personal data held by us relating to your application will be kept strictly confidential and in accordance with the PDPA. You may also refer to our Privacy Policy for more details here: 

We regret to inform you that should you not consent to providing the necessary data required for us to process your application, your application will be considered void.