IT Security lead

We are looking for an IT Security Lead to drive end-to-end security across mission-critical government systems, covering both project implementation (Day 1) and production operations (Day 2). This role combines security architecture, governance, and hands-on operations in a highly regulated environment. Key ResponsibilitiesSecurity Architecture & Governance • Define and enforce security architecture aligned with government standards (IM8, WOG) • Conduct threat modelling, risk assessments, and security reviews • Ensure compliance with security policies and audit requirements DevSecOps & Implementation • Embed security into CI/CD pipelines (SAST, DAST, container scanning) • Work with engineering teams on secure coding, API security, and IAM • Manage security testing (VA/PT) and remediation Operations & Incident Management • Lead security incident response, RCA, and recovery • Oversee vulnerability management and patching • Monitor security events (SIEM) and ensure detection coverage Access Control & Compliance • Govern RBAC, MFA, PAM, and access reviews • Support audits, reporting, and security posture tracking Requirements• Singapore Citizen (mandatory) • 8–12 years of IT experience, with 5+ years in Security Lead / Architect roles • Experience in Singapore Government / IM8 security environments • Strong hands-on experience with:Kubernetes / Docker securityAPI security and IAMSecurity tools (SIEM, SAST, DAST) • Experience working in DevSecOps and cloud-native environments • Strong stakeholder management and communication skills Nice to Have• Certifications such as CISSP, CISM, CISA, CEH, or GIAC • Cloud security certifications (AWS / Azure)