Cyber Security Engineer

Cyber Security Engineer
(Singapore/Kuala Lumpur)

Job Title: Cyber Security Engineer

Working Location: Puchong, Selangor (Malaysia) - Singapore/Kuala Lumpur

Contract Type: Permanent

Work Schedule: Monday to Friday, 8:30 am to 6:00 pm

Key Responsibilities:

- Product Security Architecture & Best Practices:
Establish, maintain, and enforce secure hardware and software development lifecycle practices tailored for resource-constrained embedded systems and controllers.

- Vulnerability & Resolution:
Actively triage, investigate, and resolve security vulnerabilities (hardware, firmware, and open-source components). Coordinate with firmware teams to implement, test, and deploy critical security patches.

- Security Certification Ownership:
Lead the preparation, documentation, and technical execution required to achieve industrial security certifications, specifically IEC 62443 and regional cybersecurity standards.

- Secure Firmware Design & Implementation:
Advise R&D teams on implementing robust security mechanisms at the device level, including Hardware Unique Keys (HUK), Secure Boot, cryptographic key storage, and trusted execution environments (TEE).

- Threat Modeling & Risk Assessment:
Conduct proactive threat modeling, attack surface analysis, and risk assessments on connected devices and OT (Operational Technology) network protocol integrations (such as BACnet/SC).

- Penetration Testing & Auditing:
Perform hands-on firmware security assessments, static/dynamic code analysis (SAST/DAST), and coordinate with accredited external labs for official third-party penetration testing and compliance auditing.

- Cross-Border Technical Alignment:
Act as the primary security liaison to align local engineering initiatives with global security governance standards and architectural frameworks.

Requirements:

- Degree in Computer Engineering, Electrical/Electronics Engineering, Cybersecurity, or a related technical discipline.
- 4 to 6 years of hands-on experience in cybersecurity, focusing on embedded systems, IoT devices, or Operational Technology (OT) systems.
- Experience with industrial cybersecurity standards. Practical knowledge of IEC 62443 and navigating an official product conformity assessment is highly preferred.
- Good understanding of low-level security implementations, including familiarity with Secure Boot, TPM, TEE, SELinux, and similar technologies.
- Good understanding of Public Key Infrastructure (PKI), key/certificate management, device certificate provisioning, and industrial network security. Familiar with TLS/DTLS implementation and emerging secure protocols such as BACnet/SC (Secure Connect).

Additional Information:

- Headcount: 1
- Employment Type: Permanent
- Location: Puchong, Selangor

This dynamic role provides the opportunity to shape the security strategies and frameworks supporting embedded systems and IoT networks in a rapidly evolving industry. Join an innovative engineering team and play a key role in driving industrial security excellence across borders. Apply now to take your career to the next level!