NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region. Job DescriptionSecurity Architecture & DesignInterpret and translate security requirements (e.g., IM8, client policies) into architecture designsDesign, review, and enhance security architecture, controls, and solutionsPerform threat modelling and technical risk assessmentsSupport security design reviews and clearance processes (e.g., ACISO)Build & Implementation AssuranceGuide delivery teams on secure implementation of solutionsValidate implementation against approved architecture and security requirementsIdentify and address security gaps, deviations, and non-compliancesRecommend appropriate security technologies and compensating controlsSecurity Testing & AssuranceSupport and review security testing activities, including:SSAT, VAPT, and related assessmentsValidate findings, remediation plans, and retest resultsProvide guidance to reduce vulnerabilities and improve security postureRisk Management & AssuranceLead development and review of:DeviationsRisk Registers / Risk AssessmentsAssess risks based on:Discoverability, Exploitability, Reproducibility, Likelihood, and ImpactDefine preventive, detective, and corrective controlsEvaluate residual risks and support risk acceptance processes with stakeholdersData Security ConsiderationsAssess and advise on data-related risks, including:Data classification and sensitivityData protection (data in transit / at rest)Data access controls and governanceEnsure alignment with applicable data security frameworks and policiesWork with stakeholders to determine applicability of data security requirements within system scopeStakeholder EngagementAct as cybersecurity SME for project teams, customers, and vendorsLead technical discussions and provide security advisorySupport audits, reviews, and clarification requestsOperations & Continuous ImprovementValidate security operational proceduresProvide advisory to operations and SOC teamsPeriodically review and enhance security architecture and controls Qualifications 8–15+ years in cybersecurity (architecture, engineering, or risk)Experience in large-scale ICT or regulated/Government environments preferredSecurity architecture across network, systems, applications, and cloudIAM / PAM, security hardening, vulnerability managementSecurity testing (VAPT, SSAT)Familiarity with modern domains (cloud, containers, AI/OT – advantageous)Experience in risk assessment and deviation management (e.g., MDL)Familiarity with IM8 / ISO 27001 / NIST / CIS frameworksWorking knowledge of data security principles and controlsCISSP / CISM / CISATOGAF / SABSA (advantageous)Cloud security certificationsStrong stakeholder management and communication skillsAbility to translate technical risks into business impactStructured, analytical, and delivery-oriented mindsetDue to government project sensitivity, we will only consider Singapore CitizenAdditional InformationWe are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future. Together, we make the extraordinary happen. Learn more about us at ncs.co and visit our LinkedIn career site. We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future. Together, we make the extraordinary happen. Learn more about us at ncs.co and visit our LinkedIn career site. Scam Alert We are aware of fraudulent job offers and impersonations of NCS recruiters. Phishing emails using convincing-looking but fake addresses are also commonly used to trick you into thinking that they come from official NCS sources. Please note that all official communications from NCS Group will only be sent from verified corporate email addresses. Always check that the sender’s email address ends with the genuine NCS domain, @.sg and beware of extra letters, symbols or misspellings. When in doubt, verify the sender’s identity by contacting us at .sg.