As a Senior Cybersecurity Engineer / Senior Cybersecurity Consultant of the Cyber Security Engineering Center (CSEC) Mobile Security team, you will be responsible for supporting the Team Lead in the technical and strategic execution of initiatives and driving efforts to safeguard mobile devices and applications against emerging threats. You will be assisting the Team lead to manage the team in enhancing the security of mobile devices and applications through technical efforts, designing and reviewing national-level mobile cybersecurity policy and guidelines, and drive initiatives to assess and raise the baseline of mobile security practices in Singapore’s digital landscape.

Responsibilities • Conduct technical and threat-driven vulnerability assessment of new mobile technologies, mobile operating systems, applications and device configurations to pre-emptively identify how emerging threats could exploit them. • Conduct risk assessment to analyse mobile threats, such as trojans, spyware, sideloaded malware, phishing apps, malicious SDKs and mobile scams to identify threat vectors and suggest mitigations. • Evaluate the efficacy of mobile security solutions, not limited to MDM, MTD, RASP, Anti-virus, against current and evolving mobile threats such as malware, and scams. • Have a strong understanding of how each solution can mitigate specific aspects of the mobile threat landscape and provide technical assessments on their effectiveness and contribution to the overall mobile security posture. • Identify and prioritise mobile security risks based on the understanding of the current and evolving mobile threat landscape through assessing threats, vulnerabilities, and potential impact. Thereafter, propose mitigations or workarounds (e.g., technical solutions, policy enforcement etc.) to address gaps found in Singapore’s mobile threat landscape.

Requirements • At least 5-8 years of experience working on mobile application development and/or cybersecurity, with focus on mobile technologies. • Understanding of mobile technology domains not limited to authentication, authorisation, data storage, cryptography, network communications. • Strong understanding of mobile vulnerabilities and threats, such as malware, banking trojans, sideloading risks, mobile scam tactics. • Familiar with mobile security testing tools to conduct basic static and dynamic analysis of mobile applications to understand how malwares work. • Bachelor degree in Computing, Computer Science, Computer Engineering, Application Development or related field. • Proficiency in programming languages such as Python, C++, and Java/Kotlin for Android, Swift/Objective-C for iOS. • Technically hands-on and curious about inner workings of mobile operating systems, malwares, and mobile security technologies. • Strong analytical and conceptualisation skills. • Strong communications and interpersonal relationship skills. • Self-driven and capable to work independently. • Able to lead a group of system engineers or consultants on technical deep-dives, project management, research projects, or engagement with external stakeholders. If you share our passion to make a difference in the cyber security landscape, take up the challenge and apply now. All applicants will be notified of whether they are shortlisted or not within four weeks of the closing date of this job posting. For any issues with the application, you may drop your resume with us at csa_recruit@csa.gov.sg. Note: CSA will be shifting to Punggol Digital District (PDD) in year 2026.

About the Cyber Security Agency of Singapore Established in 2015, the Cyber Security Agency of Singapore (CSA) seeks to keep Singapore’s cyberspace safe and secure to underpin our Nation Security, power a Digital Economy and protect our Digital Way of Life. It maintains an oversight of national cybersecurity functions and works with sector leads to protect Singapore’s Critical Information Infrastructure. CSA also engages with various stakeholders to heighten cyber security awareness, build a vibrant cybersecurity ecosystem supported by a robust workforce, pursue international partnerships and drive regional cybersecurity capacity building programmes. CSA is part of the Prime Minister’s Office and is managed by the Ministry of Digital Development and Information. For more news and information, please visit www.csa.gov.sg