Job Description

Sopra Steria is a listed European technology leader specializing in Consulting, Digital Services, and Software. With over 51,000 employees worldwide across Europe, North America and Asia, the Group supports organizations in driving their digital transformation and delivering sustainable business value.

In Asia Pacific, Singapore serves as the regional headquarter for Sopra Steria’s Infrastructure, Cloud and Cybersecurity services.

For this project, we are forming a team of 6 (including 1 team lead) to assist in a huge government project to perform the following scope of works:

1. Security Risk Assessment
2. Security Policies, Standards, Guidelines, And Procedures Review
3. Security Design
4. Application Security
5. Vulnerability assessment and
6. System Security Acceptance Testing
7. Cloud Security

The selected candidate will be working collaboratively within the team to fulfil the project requirements. As such, there is no expectation for one individual to possess all skill sets in the 6 domains.

Responsibilities:

• Support the execution of security risk assessments across various environments including on-premise, cloud, DevOps, IoT, and third-party systems
• Assist in performing vulnerability assessments, analyzing findings, and documenting remediation recommendations
• Contribute to the review of security policies, standards, and procedures, ensuring alignment with industry and regulatory requirements
• Participate in application security activities such as secure code reviews, threat modelling, and CI/CD pipeline assessments
• Support cloud security assessments, including configuration reviews, access controls, and data protection practices across public and hybrid cloud platforms
• Assist in System Security Acceptance Testing (SSAT) by executing test scenarios, analyzing results, and documenting security gaps
• Document security findings, assist in preparing risk reports, and help maintain the security risk register
• Collaborate with other team members to support the delivery of cybersecurity assessments, design reviews, and compliance activities
• Perform all tasks and duties as assigned to support the completion of project, including any ad-hoc activities necessary to fulfill the client’s scope of work

Qualifications

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field preferred.
• Relevant certifications such as CISSP, CISM, CISA, or equivalent.
• At least 3-5 of experience in cybersecurity consulting, with a focus on areas in Risk assessment, Application Security and Cloud Security.
• Hands-on experience working in cloud security environments (e.g., AWS, Azure, GCP), including identifying and mitigating security risks in cloud-based architectures.
• Strong knowledge and practical experience in conducting risk assessments and threat modelling using methodologies such as STRIDE and PASTA.
• Familiar with regulatory frameworks and standards, including NIST, and ISO 27001, etc.
• Excellent project management skills with the ability to manage multiple engagements simultaneously.
• Strong analytical and problem-solving skills, with the ability to think strategically and act tactically
• Exceptional communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders.
• Proven ability to build and maintain client relationships, demonstrating a commitment to delivering exceptional client service

Additional Information

•Work-life balance Hybrid working mode, 18 days of Annual leave

• Health & insurance: Comprehensive coverage including General Practitioner, hospitalization, dental, and optical
•Performance incentives: Annual bonus based on individual performance
•Learning & development Training programs, certification opportunities, and training incentives to support career growth
•Team culture: Regular team-building activities and social events