Senior Security Consultant (Security By Design)

Singapore, Singapore, Singapore

Applications have closed

Sopra Steria I2S

Sopra Steria, a European Tech leader recognised for its consulting, digital services and software development, helps its clients drive their digital transformation to obtain tangible and sustainable benefits.

View company page


Sopra Steria is a listed European tech leader specializes in Consulting, Digital Service, and Software. We have 50,000 employees worldwide located in different regions (Europe, North America and Asia), whereby Singapore is the HQ for APAC. EvaGroup Asia Pacific is part of Sopra Steria, in charge of Infrastructure, Cloud and Cybersecurity services in APAC.


You will be part of a new Security By Design (SBD) APAC team to support all ongoing and new projects with a SBD approach. This is based on “Project Identification, Assessment and Prioritization’ and a Method has been created to support the deliverable.

The main responsibilities of the SBD APAC team:

  • Point of Contact for ongoing and new projects
  • Review and assess architecture and documentation for the projects in scope in regards with the SBD
  • Recommend mitigation/correction actions
  • Report to APAC Security stakeholders on the SBD activity
  • Write deliverable on existing projects/applications, in line with the Portfolio Cyber Architect
  • Provide insights about regular findings



  • Assessment of the Security by Design Methodology against any new projects
  • Deliver a risk assessment of each new project in accordance with Cyber criticality
  • Submit it for Security Business Partner’s review and validation
  • List and plan security activities and deliverables
  • Select the Project Security Baseline
  • Propose, in coordination with the Central Security by design team, a remediation plan for identified risks and vulnerabilities
  • Develop Key Metrics that will show the maturity of each system for security based on the risk assessment and work packages.
  • Align with the Security By Design Teams to maximize on global standards and capabilities
  • To ensure a repeatable process is in ‘run-mode’
  • Weekly/Monthly Meetings with different stakeholders from local/regional to global teams
  • Monthly KPI Dashboard of Risk Status for Each new Project
  • Deliver Risk Plans to IM Risk Manager on a Monthly Basis
  • Align to Security by Design Teams in Europe on a Monthly basis


  • Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit / log review), technical vulnerability management (Vulnerability Assessment, Penetration testing), application security, security technologies (system hardening, IDS/IPS, firewall), security incident response and security assessment.
  • Proficiency in written and spoken English is a must
  • Autonomous, with the ability to drive and lead
  • Excellent writing and communication skills to negotiate and provide solutions
  • Proven stakeholder and inter-personal management skills


  • Bachelor’s degree or master degree in Information Security System, Computer Science, or relevant IT experience
  • Preferably with minimum 10 years' experience in cyber security role, with relevant experience in Security Audits, Security Assessment and/or Compliance
  • Possess one of more professional credentials: CISSP, CRISC, CISM, CISA, SSCP, CEH, ISO 27001 or equivalent


  • Regular team buildings
  • 18 leave days / Year
  • Health Insurance: GP, Life Insurance, Dental Insurance and Optical insurance
  • Annual bonus
  • Working hours: from 9am to 6pm, Monday to Friday
  • E-learning and certifications paths

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Application security Audits CEH CISA CISM CISSP Cloud Compliance Computer Science CRISC Firewalls Governance IDS Incident response IPS ISO 27001 Pentesting Risk assessment Risk management Security assessment SSCP Vulnerabilities Vulnerability management

Perks/benefits: Career development Health care Salary bonus

Region: Asia/Pacific
Country: Singapore
Job stats:  10  2  0
Category: Consulting Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.