Senior Information Security Specialist

The purpose of this role is to provide independent security architecture and risk assurance across technology initiatives, ensuring that information security risks are identified early, assessed consistently, and managed effectively throughout the system lifecycle. The role enables secure delivery of business initiatives by ensuring technology solutions, infrastructure changes, and third-party services are designed and implemented in compliance with regulatory requirements, enterprise security standards, and the organisation’s risk appetite. 

The role acts as a security risk and architecture advisor to Singtel IT, Telco Networks and Enterprise stakeholders, applying recognised security frameworks and threat modelling techniques to evaluate design decisions, identify control gaps, and recommend risk-based mitigations. Through continuous improvement of risk assessment practices and standards, the role strengthens the organisation’s overall security posture while supporting timely and informed decision-making

Make an Impact by: 

• Perform comprehensive information security risk assessments for new and existing systems, applications, infrastructure changes, and third-party engagements 


• Identify, analyse, and evaluate security risks using recognised frameworks such as MAS TRM, ISO 27001/27005, NIST, and CIS Controls. 


• Ensure technology initiatives and controls comply with internal security policies, standards, and governance requirements; proactively highlight gaps and recommend remediation.  


• Review and validate security control designs across IT infrastructure, cloud environments, network security, identity and access management, data protection, and application security 


• Assess design documents, architecture diagrams, and technical controls to confirm that technology risks are mitigated prior to go-live. 


• Conduct threat modelling for critical systems and application deployments, identifying attack paths, threat scenarios, and control weaknesses, and recommending design-level mitigations. 


• Collaborate with IT, application teams, and business stakeholders to provide risk advisory for projects and ad hoc reviews. 


• Define, review, and promote secure architecture and security design patterns to guide solution teams in implementing consistent, scalable, and risk-aligned security controls. 


• Drive continuous improvement of security risk assessment and design review frameworks, processes, and templates to enhance consistency, quality, and efficiency across project and solution reviews. 


• Recommend new or enhanced security controls and architecture patterns based on emerging threats, risk assessment outcomes, regulatory changes, and industry best practices, and work with stakeholders to support their implementation. 

Skills for Success:

• Degree/Diploma in Information Technology, Computer Science, Engineering or related fields 


• At least 6 years or more working experience in security assessment, cybersecurity, or related IT roles. 


• Experience working within system integrator or consulting environments, including exposure to multi-client or complex delivery engagements, is an advantage. 


• Hands-on experience in system and security administration, implementation, and solution design across servers, applications and telco networks, will be useful.  


• Ability to apply security architecture principles (e.g. defence-in-depth, least privilege, secure-by-design) to complex enterprise environments. 


• Strong capability in threat modelling and technology risk assessment, including identification of threat scenarios, assessment of control effectiveness, and recommendation of risk mitigation strategies. 


• Strong capability to interpret security baselines and standards and translate them into appropriate architectural and control requirements, aligned with regulatory, enterprise, and technology contexts. 


• Ability to validate systems and solution designs against security and compliance baselines, identify gaps, and recommend appropriate remediation measures. 


• Professional security management certifications such as a Certified Information Systems Security professional (CISSP), Certified Information Security Manager (CISM) or other similar credentials, will be preferred. 


• Technical certifications such as AWS, Azure, or Google Cloud Platform; and security product certifications (e.g., endpoint security, SIEM, firewall, or cloud security tools) are an added advantage 


• Strong analytical and problem-solving skills. 


• Effective time management and prioritisation skills. 


• Sound conflict management and negotiation skills. 


• High level of professionalism, commitment, and accountability. 


• Resilience and adaptability in fast-paced or changing environments. 


• Change-oriented mindset with a focus on continuous improvement. 


• Ability to work independently with minimal supervision, with remote stakeholders, exercising sound judgement, and initiative.

Are you ready to say hello to BIG Possibilities?

Take the leap with Singtel to unlock new opportunities and accelerate your growth. Apply now and start your empowering career!