JOB DETAILS

Principal Engineer, Security

CompanyStarHub Ltd
LocationSingapore
Work ModeOn Site
PostedApril 26, 2026
About The Company
StarHub is a leading homegrown Singapore company that delivers world-class communications, entertainment, and digital services. With our extensive fibre and wireless infrastructure and global partnerships, we bring to people, homes and enterprises quality mobile and fixed services, a broad suite of premium content, and a diverse range of communication solutions. We develop and deliver solutions incorporating artificial intelligence, cybersecurity, data analytics, Internet of Things, and robotics for corporate and government clients. StarHub is committed to conducting our business sustainably and responsibly. StarHub is named among TIME’s World’s Most Sustainable Companies 2025 and ranked as the world’s most sustainable wireless telecommunication provider on the Corporate Knights Global 100 (2025). StarHub also ranks 187 on the FORTUNE Southeast Asia 500 in 2025. Listed on the Singapore Exchange mainboard, StarHub is a component stock of the SGX iEdge Singapore Low Carbon Index, iEdge-OCBC Singapore Low Carbon Select 50 Capped Index; as well as the FTSE4Good Index series. Visit www.starhub.com for more information.
About the Role

Principal Engineer, Security

Role Mission:
To plan, design, and drive continuous innovation in zero trust architecture, AI threat detection, and next generation forensic techniques on multi cloud environment. 
You will act as a catalyst for transforming how we defend cloud workloads, Kubernetes clusters, and AI pipelines blending deep technical execution with a mandate to research, prototype, and productise novel security solutions.

Responsibilities:
•    Lead continuous innovation: identify emerging threats (cloud, container, AI), research countermeasures, build POCs, and roll out production-ready capabilities.
•    Deep hypervisor & virtualization systems engineering (KVM, Xen) with expert C/Rust programming and understanding of the full boot chain (BIOS/UEFI → kernel launch).
•    Develop security techniques: eBPF anomaly detection, automated K8s runtime defense, forensic memory analysis for serverless workloads.
•    Create internal security labs to simulate multi-cloud attack scenarios (cross-account privilege escalation, container escape, AI model extraction) and build novel detections.
•    Experiment with cutting-edge tools (eBPF, Web Assembly sidecars, confidential computing) for VM introspection, real-time prompt injection detection, etc.
•    Hands-on isolation technologies: IOMMU, VFIO, SR-IOV for high-security guest isolation.
•    Architect and enforce unified security baseline across AWS, Alicloud, and GCP (IAM, logging, encryption, network segmentation).
•    Implement CSPM/CWPP with auto-remediation, policy-as-code (Terraform/Checkov), and workload identity federation.
•    Lead Kubernetes security (CKS focus): admission controllers, OPA/Gatekeeper, Falco, supply chain security (SLSA, SBOM).
•    Deep understanding of Kubernetes core components (API server, scheduler, kubelet, CRI/CNI/CSI interfaces).
•    Lead innovations in AI security, Quantum security and KVM security. 

Qualifications

Requirement ;

•    Degree in Information Technology, Engineering or related field
•    8+ years of experience in infrastructure/cloud security, with 2+ years as a technical lead.
•    Deep hands on experience with AWS plus at least one of Azure/GCP.
•    Production Kubernetes security (RBAC, network policies, admission control, runtime defence).
•    Proficiency in Python or Go for security tooling, and Terraform for IaC.
•    Demonstrated ability to research, prototype, and implement novel security solutions (e.g., conference talks, open source contributions, internal patents).
•    Familiarity with OWASP Top 10 for LLMs, adversarial ML, and tools like Garak, Rebuff, or NeMo Guardrails.
•    Certifications: CKS, AWS Certified Security – Specialty (mandatory)., GCFA, GNFA (optional)

Key Skills
5G Core StandardsNetwork SlicingCloud-Native EnvironmentNetwork Exposure FunctionAPI FrameworksKubernetesContainersOrchestrationDevOps PracticesCI/CD PipelinesProgramming LanguagesTechnical LeadershipProject ManagementTelecommunications Network ArchitectureAutomationAI Implementation
Categories
TechnologyEngineeringData & Analytics
Job Information
📋Core Responsibilities
The Senior Engineer will serve as the technical authority on 5G Core standards and lead the design and implementation of NaaS initiatives. Responsibilities include guiding developers, advising on network slicing, and ensuring successful project management.
📋Job Type
full time
📊Experience Level
5-10
💼Company Size
2803
📊Visa Sponsorship
No
💼Language
English
🏢Working Hours
40 hours
Apply Now →

You'll be redirected to
the company's application page