IT Security Officer (Public Sector)

• 1-year contract, renewable • Government project • Hybrid work arrangement What the Role Is In this role, you will apply foundational security principles to real-world engineering challenges while executing security tasks with increasing independence. Depending on your area of focus, you may contribute to improving security implementations, automating security processes, reviewing secure code and design patterns, and evaluating new cybersecurity tools. You will work closely with security and product teams to support threat modelling, implement security controls, and perform security-related operations to secure government systems. What You Will Be Working On Cybersecurity Operational Work • Perform routine reporting and dashboarding activities, leveraging automation to improve efficiency • Support the review of VAPT findings and contribute to remediation planning • Validate security vulnerabilities and findings from various assessment reports • Refine incident response playbooks • Contribute to compliance-related documentation and evidence collection • Assist in implementing security controls and operational security tasks • Participate in threat modelling exercises and identify security requirements from policies • Perform periodic IAM role reviews to ensure least privilege access principles Security Architecture & Engineering • Apply security standards and controls across CI/CD pipelines, Kubernetes platforms, and cloud environments Cyber Defence & Incident Response • Support incident response activities and escalate complex issues appropriately • Perform alert triage and assist in investigations across security monitoring platforms • Contribute to refining detection rules, playbooks, and response runbooks • Support guided threat hunting activities to identify potential indicators of compromise Product Engineering • Deliver POCs or features spanning multiple components while balancing security, performance, and maintainability • Utilise code and cloud security analysis tools and remediate findings appropriately • Recommend improvements to enhance product security, performance, and team efficiency Emerging Technology Research • Conduct testing of new tools in lab environments and summarise findings • Contribute to POC initiatives with defined objectives and outcomes Collaboration & Growth • Collaborate with peers and stakeholders to ensure tasks are executed effectively • Share knowledge, resources, and lessons learnt openly to support team success • Suggest improvements that enhance team effectiveness What We Are Looking For • Foundational knowledge in security architecture, secure system design, and threat modelling • Ability to perform guided vulnerability validation and support remediation • Familiarity with securing CI/CD platforms, Kubernetes environments, and cross-cutting platform products • Exposure to developer-centric tools including agentic AI workflows and coding assistants • Familiarity with SIEM platforms, EDR tools, and cloud-native security monitoring • Ability to follow and contribute to detection logic, incident response playbooks, and threat hunting processes • Scripting or automation skills (e.g. Python, Bash) for security tooling and workflow automation • Understanding of identity and access management, secrets management, and zero trust principles • Able to work independently with minimal supervision and guidance • Proactively identifies and addresses issues, knowing when to escalate • Adapts to changing priorities effectively • Collaborates constructively with peers and stakeholder • Contributes positively through knowledge sharing and openness • Degree in Infocomm Security, Computer Science, Computer/Electronics Engineering, or Information Technology • Relevant experience or demonstrated potential backed by a strong track record is desirable • OSCP, CISSP, or other relevant cybersecurity certifications