JOB DETAILS

Senior Information Security Specialist

CompanySingtel Group
LocationKuala Lumpur
Work ModeOn Site
PostedMay 31, 2026
About The Company
Singtel Group is Asia's leading communications technology group, providing a portfolio of services from next-generation communication, digital services and digital infrastructure including regional data centre arm Nxera and regional IT services arm NCS. The Group has presence in Asia, Australia and Africa and reaches over 820 million mobile customers in 20 countries. Singtel is dedicated to continuous innovation, harnessing next-generation technologies to create new and exciting customer experiences as we shape a more sustainable, digital future.
About the Role

Be a part of something BIG!

 

The Senior Information Security Specialist will be responsible to provide independent security architecture and risk assurance across technology initiatives, ensuring that information security risks are identified early, assessed consistently, and managed effectively throughout the system lifecycle. The role enables secure delivery of business initiatives by ensuring technology solutions, infrastructure changes, and third-party services are designed and implemented in compliance with regulatory requirements, enterprise security standards, and the organisation’s risk appetite.

The role acts as a security risk and architecture advisor to Singtel IT, Telco Networks and Enterprise stakeholders, applying recognised security frameworks and threat modelling techniques to evaluate design decisions, identify control gaps, and recommend risk-based mitigations. Through continuous improvement of risk assessment practices and standards, the role strengthens the organisation’s overall security posture while supporting timely and informed decision-making.

 

Make an Impact by:

  • Perform comprehensive information security risk assessments for new and existing systems, applications, infrastructure changes, and third-party engagements
  • Identify, analyse, and evaluate security risks using recognised frameworks such as MAS TRM, ISO 27001/27005, NIST, and CIS Controls.
  • Ensure technology initiatives and controls comply with internal security policies, standards, and governance requirements; proactively highlight gaps and recommend remediation. 
  • Review and validate security control designs across IT infrastructure, cloud environments, network security, identity and access management, data protection, and application security
  • Assess design documents, architecture diagrams, and technical controls to confirm that technology risks are mitigated prior to go-live.
  • Conduct threat modelling for critical systems and application deployments, identifying attack paths, threat scenarios, and control weaknesses, and recommending design-level mitigations.
  • Collaborate with IT, application teams, and business stakeholders to provide risk advisory for projects and ad hoc reviews.
  • Define, review, and promote secure architecture and security design patterns to guide solution teams in implementing consistent, scalable, and risk-aligned security controls.
  • Drive continuous improvement of security risk assessment and design review frameworks, processes, and templates to enhance consistency, quality, and efficiency across project and solution reviews.
  • Recommend new or enhanced security controls and architecture patterns based on emerging threats, risk assessment outcomes, regulatory changes, and industry best practices, and work with stakeholders to support their implementation.

 

Skills for Success:

  • Degree/Diploma in Information Technology, Computer Science, Engineering or related fields
  • At least 6 years or more working experience in security assessment, cybersecurity, or related IT roles.
  • Experience working within system integrator or consulting environments, including exposure to multi-client or complex delivery engagements, is an advantage.
  • Hands-on experience in system and security administration, implementation, and solution design across servers, applications and telco networks, will be useful. 
  • Ability to apply security architecture principles (e.g. defence-in-depth, least privilege, secure-by-design) to complex enterprise environments.
  • Strong capability in threat modelling and technology risk assessment, including identification of threat scenarios, assessment of control effectiveness, and recommendation of risk mitigation strategies.
  • Ability to interpret security baselines and standards and translate them into appropriate architectural and control requirements, aligned with regulatory, enterprise, and technology contexts.

 

Your Career Growth Starts Here. Apply Now!

Key Skills
Security ArchitectureRisk AssessmentThreat ModellingMAS TRMISO 27001NISTCIS ControlsCloud SecurityNetwork SecurityIdentity And Access ManagementData ProtectionApplication SecurityDefense-in-DepthLeast PrivilegeSecure-by-DesignGovernance
Categories
Security & SafetyTechnologyEngineeringConsultingSoftware
Job Information
📋Core Responsibilities
The role provides independent security architecture and risk assurance across technology initiatives to ensure risks are identified and managed throughout the system lifecycle. It involves conducting threat modelling and risk assessments to ensure compliance with regulatory requirements and enterprise security standards.
📋Job Type
full time
📊Experience Level
5-10
💼Company Size
8340
📊Visa Sponsorship
No
💼Language
English
🏢Working Hours
40 hours
Apply Now →

You'll be redirected to
the company's application page