We are seeking a hands on Security Engineer to take ownership of security across engineering, infrastructure, identity, and compliance within a MAS-regulated digital payments organisation.
This is a high-impact individual contributor role reporting directly to the Cybersecurity Director. The successful candidate will play a key role in building and strengthening security capabilities across the organisation, with broad exposure across DevSecOps, detection engineering, identity security, and regulatory compliance.
Key Responsibilities
Identity & Access Security
- Design and enhance enterprise SSO (SAML/OIDC) integrations
- Implement MFA strategies and conditional access policies
- Reduce identity-related risks including phishing and account compromise
- Embed security into CI/CD pipelines (SAST, DAST, SCA, IaC scanning, policy-as-code)
- Define secure SDLC practices, including threat modelling and security gates
- Improve vulnerability management and remediation processes
- Implement centralized secrets management solutions
- Eliminate hardcoded credentials across systems and pipelines
- Enforce rotation policies, least privilege access, and auditability
- Develop and tune detections aligned with MITRE ATT&CK
- Improve telemetry coverage across cloud, identity, endpoint, and applications
- Support threat hunting and detection gap analysis
- Build automated security runbooks and response workflows
- Improve MTTD and MTTR through automation and orchestration
- Support purple-team exercises and remediation efforts
- Support MAS Technology Risk Management (TRM) requirements
- Implement CIS benchmark-aligned configuration standards
- Contribute to SOC 2 and PCI-DSS readiness and audit support
- Establish compliance-as-code and continuous control monitoring
Requirements
- 5–10 years’ experience in Security Engineering, DevSecOps, Application Security, or Detection Engineering
- Strong experience with SSO (SAML/OIDC), MFA, and identity security
- Hands-on experience implementing DevSecOps security controls in CI/CD environments
- Familiarity with security automation, scripting, or SOAR/playbooks
- Working knowledge of MITRE ATT&CK and detection engineering principles
- Understanding of CIS benchmarks and secure configuration practices
- Experience working in regulated or enterprise environments
Preferred Experience
- MAS TRM, SOC 2, or PCI-DSS exposure
- Cloud security experience (AWS, Azure, or GCP)
- Experience with SIEM/EDR platforms and detection tuning
- Container or Kubernetes security experience
- Security certifications such as CISSP, CCSP, OSCP, or GIAC
About the Role
This is a rare opportunity to take ownership of a broad security engineering function within a regulated fintech environment. You will work closely with engineering, infrastructure, and security leadership to build scalable, automated, and compliance-ready security capabilities from the ground up.
Reg No. R1768414
BeathChapman Pte Ltd
Licence no. 16S8112
