- Information Technology
- Singapore - Singapore
At Dyson, we demand the highest standard of performance from the technologies we engineer. Our people expect the same from the technology that supports them. We are a community that appreciates and advocates better engineering. A community of pioneers.
Dyson IT is mid-transformation. Our aim, to create robust IT architecture, to manage data effectively and efficiently and continue to grow our world-class team. A team who is strategic, enabling business acceleration, growth and success.
Our Cyber Security team
It’s no secret that our intellectual property is massively critical to our success. But how do we keep it from the prying eyes of the bad guys? Dyson’s Global Cyber Security department works effectively to keep our secrets secret and secure our crown jewels using advanced technologies to stay one step ahead of the game. We take a pragmatic approach, transforming cyber security in order to enhance our business resilience, enable our colleagues to move fast, delight our customers, and better manage potential cyber disruption. Investing in new cyber security capabilities across technology, process, and people, we build on and leverage our strong cyber security ecosystems to tackle future threats.
Our IT Security Risk & Compliance, Enterprise Security and Cyber Defence functions are the beating heart of Dyson’s Cyber Fusion Centre capabilities. Together, they enable the successful delivery of exciting new projects, help existing toolsets remain effective, enable and encourage compliance, balance red & blue team capabilities, and make sure that cyber security incidents are managed in a timely and efficient way.
About the roleWe are recruiting within our Global Cyber Team for an experienced Application Security Architect. The candidate shall be a person with strong background in security architecture of ownership experience and retail IT solutions meant for a global user base. The successful candidate will have technical experience in application development practices, application security architecture, application security best practice and security consulting. The successful candidate will be responsible for consulting on and designing the cyber security application elements of business and IT-led initiatives as well as directly supporting customer facing retail and ownership experience security initiatives.
- Work closely with our global Cyber Security practice’s multiple disciplines and other IT teams to ensure adequate security solutions are in place throughout all systems and platforms.
- Identify and mitigate any risks in legacy systems in order to meet business objectives and regulatory requirements.
- Plan, research, design and build robust security architectures for new IT and business-led projects.
- Serve as a security expert in application development, database design and network and/or platform projects, helping project teams comply with enterprise and IT Security policies, industry regulations, computer forensic investigations and best practices.
- Ensure that security requirements are identified, represented and met in all projects and initiatives.
- Design, coordinate and oversee security testing to verify the security of systems and applications and drive the remediation of identified vulnerabilities.
- Provide security risk assessment & recommendations to the business, ensuring appropriate controls are in place to protect the business, and our customers.
- Write, maintain, and follow security documentation including technical designs and operations manuals.
- Keep abreast security advisories & alerts, security trends & practices.
- Communicate with technical and non-technical audiences at various levels, including project managers, delivery teams, the global Cyber Security team, and business risk owners.
- Develop and maintain strong working relationships with key IT, business, and supplier contacts.
- Understand solutions and business focus - Engage with new business initiatives and deliver more secure and supportable solutions.
- Give Advice - Engage with IT architects, developers and engineers, legal team, privacy team, programme managers, and business data owners.
- Deliver Consultancy throughout delivery lifecycle - Assure designs, define / draft patterns, and engage with delivery (Waterfall, Agile and DevSecOps)
- Improve automation of security and efficiency - Find ways to automate security to reduce cost of ownership and improve performance.
- Drive Quality, Security, and Speed- Ensure adequate governance, make sure the easy way is the secure way and help the business deliver both securely and quickly.
About youThis is what we need you to have:
- Experience in designing and delivering secure eCommerce, Ownership Experience, Retail against a backdrop of major standards / frameworks such as PCI-DSS, ISO27001, NIST 800 series, ISA/IEC 62443.
- Experience of supporting project teams with high and low-level security consultancy, design and delivery, with a wide-ranging understanding of security considerations across key technologies such as Cisco, Microsoft, SAP, Oracle, market-leading SaaS applications, public cloud, etc.
- High level of knowledge across several security topics, ideally across the following categories:
- Security Architecture
- Including: designing infrastructure security solutions, architecting secure business applications and integrations, horizon-scanning and keeping abreast of the latest trends and technologies
- Security Consultancy
- Including: setting security requirements, knowledge of relevant regulations (e.g. GDPR, PCI-DSS, other international privacy requirements), adherence to security good practice
- System-level Security
- Including: operating system hardening, endpoint security, network security, web and application services, database security, privileged user management, etc.
- Cloud Technologies Including: Platform as a Service (PaaS), Infrastructure as a Service (IaaS), Content Delivery Networks (CDN), Web Application Firewall (WAF), etc.
- Awareness of DevOps practices and embedding security in the software development lifecycle
- Data Security
- Including: Encryption/Tokenization guidelines, Key Lifecycle Management
- Experience of supporting InfoSec Risk Assessments using industry best practice risk assessment and management methodologies
- Awareness of current industry security threats, challenges and mitigation techniques
- Strong conceptual thinking and communication skills
- Ability to work well under minimal supervision, and across multiple suppliers
- Team-oriented interpersonal skills, with the ability to communicate effectively with a broad range of people and roles globally, including vendors, IT and business personnel
Our culture is unique. It's not easy or comfortable. It's certainly not for everyone, but if you thrive on challenge and are excited by change – it could be for you.
BenefitsDyson Singapore monitors the market to ensure competitive salaries and bonuses. Beyond that, you’ll enjoy a transport allowance and comprehensive medical care and insurance. But financial benefits are just the start of a Dyson career. Professional growth, leadership development and new opportunities abound, driven by regular reviews and dynamic workshops. And with a vibrant culture, the latest devices and a relaxed dress code reflecting our engineering spirit, it’s an exciting team environment geared to fuelling and realising ambition.
We are following the government guidelines regarding COVID19. At this time all interviews will be conducted via video or telephone. We’re taking these precautionary measures to protect both our employee and candidate wellbeing. Our Talent Acquisition team will work with you and provide further information as appropriate.