Overview
The InfoSecurity Engineering Lead in A*STAR is a people manager role that owns the strategy, architecture, and hands on delivery of the organisation's security platforms and controls.
Leading an engineering team and reporting to the Deputy Director, the role designs, implements, and operates capabilities across Privileged Access Management (e.g., CyberArk), Endpoint Protection/EDR, SIEM/SOAR, Web Isolation, and Vulnerability Assessment, with a forward roadmap to enable Proxy based DLP.
The Lead partners closely with Divisions/Research Entities and stakeholders to ensure these security controls integrate cleanly into the wider environment and support a Zero Trust aligned posture.
Responsibilities
Strategy & Architecture: Set the security platforms strategy and reference architectures for PAM (CyberArk), EPP/EDR, SIEM/SOAR, Web Isolation, Vulnerability Assessment, and the Proxy DLP roadmap; align to Zero Trust principles and business risk.
Platform Engineering & Operations: Own deployment, integration, and lifecycle management of security platforms; maintain OKRs, change management discipline, and clear runbooks/documentation.
Future Ready Controls: Plan and implement Proxy based DLP with staged pilots, measurable risk reduction, and minimal user friction.
Stakeholder Partnership & Change: Partner with IAM, infrastructure, application, network, and SOC teams to ensure clean integrations; lead change planning, communications, and enablement.
Governance, Audit & Compliance: Align platforms and processes with organisational policies and public sector obligations (e.g., audit, data protection); keep configurations, exceptions, and evidence current.
Procurement, AORs & Vendor Management: Lead technical inputs for AORs and multi year plans; define security requirements in RFPs/SOWs; manage vendor delivery to measurable SLAs.
People Leadership & Operating Model: Lead a small team of security engineers—hiring, coaching, performance, skills growth; set cadences (backlog, change windows, PIRs) and maintain a clear RACI with partner teams.
Requirements
Experience: 7+ years in security engineering at enterprise scale, including 2+ years leading engineers and/or vendors (people management, coaching, performance, and delivery accountability).
Platform depth (more than 2 areas): PAM (CyberArk), EPP/EDR, SIEM/SOAR, Web Isolation, or Vulnerability Assessment - with a track record of delivering coverage and measurable risk reduction.
Communication: Crisp technical writing and senior level storytelling; ability to influence across engineering and business stakeholders.
Education: Bachelor's in Computer Science/Cybersecurity (or equivalent practical experience).
Experience: Microsoft security ecosystem.
Certifications: CISSP or CCSP and one of AZ 500 / SC 200 / SC 100 or CyberArk Defender/Sentry; PMP is a plus.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Engineering and Information Technology
Industries: Research Services
Referrals increase your chances of interviewing at A*STAR - Agency for Science, Technology and Research by 2x
Get notified about new Lead Engineer jobs in
Singapore, Singapore .
#J-18808-Ljbffr