Editorial summary

The company is seeking a hands-on Cybersecurity Engineer with a minimum of five years of experience in Security Engineering, DevSecOps, Detection Engineering, or Offensive Security. The role involves building security guardrails, pipelines, controls, and participating in security incident support, purple-team exercises, and audits. Candidates should possess a degree in Computer Science, Information Systems, Engineering, or a related field, with a strong background in GRC, Enterprise Security, and Application Security. The position offers a salary of 12,000.

This summary is AI-generated and may contain inaccuracies. Please refer to the full job description below.

Job description

[This job id 12625 first appeared in Job-Q.com on 05 Jun 2026]

Job Summary

We are looking for a hands-on Cybersecurity Engineer to build guardrails, pipelines, controls, measure coverage, detection maturity, response time, and participate in security incident support, purple-team exercises, audit/forensics evidencing.

The ideal candidate should have a good mix of GRC, Enterprise Security and Application Security experience.

Mandatory Skill-set

• Degree in Computer Science, Information Systems, Engineering, or related discipline;
• Minimum 5 years of hands-on cybersecurity experience in Security Engineering, DevSecOps, Detection Engineering, Offensive Security, and Application Security;
• Strong experience with SSO (SAML/OIDC), MFA, identity policies, and enterprise application integration;
• Proven experience implementing DevSecOps controls (SAST, DAST, SCA, IaC scanning, policy-as-code) within CI/CD pipelines;
• Experience with secrets management, credential protection, and key management solutions;
• Proficient in enterprise security tools, VAPT, and frameworks such as MITRE ATT&CK;
• Hands-on experience securing cloud environments and DevOps/CI/CD ecosystems;
• Experience building security automation, SOAR workflows, runbooks, and API integrations;
• Familiar with MAS TRM, CIS Benchmarks, and security baseline implementation;
• Experience managing MDM security baselines across Linux, Windows, macOS, iOS, and Android platforms;
• Strong communication, presentation, and stakeholder management skills.

Desired Skill-set

• Certifications: OSCP, OSWE, CASE, GWEB, CISSP.

Responsibilities

• Develop and enhance security controls, guardrails, and detection capabilities while tracking coverage, detection effectiveness, response metrics, and supporting incident response, audits, and forensic investigations;
• Implement measures to reduce social engineering risks, including phishing attacks, MFA fatigue, helpdesk impersonation, and business email compromise (BEC);
• Integrate security testing and governance controls into CI/CD pipelines, covering SAST, DAST, SCA, IaC scanning, and policy-as-code frameworks;
• Establish and govern Secure SDLC practices, including threat modeling, security checkpoints, risk exception management, and remediation timelines;
• Design and deploy solutions to identify and prevent credential and secret leakage across development and source code repositories;
• Create and optimize threat detection use cases aligned with relevant MITRE ATT&CK techniques;
• Collaborate with SOC, MDR, engineering, and external security teams to conduct purple-team exercises and validate security controls;
• Develop automated security workflows, orchestration processes, and runbooks to improve detection, response, containment, and recovery efficiency;
• Support security operations and compliance activities through automated evidence collection, control validation, and remediation management;
• Monitor emerging threats and technology trends to continuously update testing standards and security practices;
• Act as a trusted advisor to senior stakeholders, and project teams, fostering a culture of security and knowledge sharing across the organizations.

Should you be interested in this career opportunity, please send in your updated resume to apply@sciente.com at the earliest.
When you apply, you voluntarily consent to the disclosure, collection and use of your personal data for employment/recruitment and related purposes in accordance with the SCIENTE Group Privacy Policy, a copy of which is published at SCIENTE’s website

(https://www.sciente.com/privacy-policy).

Confidentiality is assured, and only shortlisted candidates will be notified for interviews.

EA Licence No. 07C5639

Scam prevention reminder: You should not make any pre-payment when applying for any job.

Illegal practices reminder: It is illegal for recruiter to collect payment (kickback) from the worker https://www.mom.gov.sg/-/media/mom/documents/publications/foreign-workers/what-are-kickbacks.pdf