Lead Data Security Engineer
Date: 6 Jan 2024
At Singtel, our mission is to Empower Every Generation. We are dedicated to fostering an equitable and forward-thinking work environment where our employees experience a strong sense of Belonging, to make meaningful Impact and Grow both personally and professionally. By joining Singtel, you will be part of a caring, inclusive and diverse workforce that creates positive impact and a sustainable future for all.
We create great technology that can change the future, and we’re looking for people to be part of our digital and 5G journey. If you like to work in a dynamic, leading communications technology group to deliver innovations and excellence across the region, come join our digital, software engineering, data and cyber security teams!
Apply now, and ignite our digital future together.
Make an Impact by
- Develop and maintain a comprehensive data security strategy for Databricks, aligned with the organization’s overall security goals and risk management objectives.
- Define Cloud Security Posture Management (CSPM) guidelines.
- Evaluate and implement data security standards such as Access Management, Data Masking, Hashing, tokenization, DLP, authentication, authorization, Backup & Recovery, data disposition, data resiliency, data encryption.
- Databricks Security Features: Utilize and configure Databricks (Unity Catalog) built-in security features such as access controls, Dynamic Views, workspace policies, network isolation, and single sign-on (SSO) for enhanced data protection
- Design & Implement Access Control Framework with Least Privilege Principles
- Evaluate and renew implemented data security, privacy, overall data control solutions to ensure their relevance and effectiveness in supporting business needs and regulatory requirement (PDPA, GDPR, ISO 27001, Telecom act etc.)
- Data Encryption and Protection in Azure Platform & Databricks: Oversee the implementation and management of data encryption, tokenization, masking, and other security mechanisms within Databricks environments to protect sensitive data at rest, in transit, and during processing.
- Drive right approach to development, optimization, testing and tooling to improve overall data control management (Security, Consent Management, Privacy, protection)
- Review, analyze, benchmark, and approve solution design from product companies, internal teams and vendors.
- Implement Data Access Audit & Monitoring, familiar with Azure stack (Azure Monitor, Azure Sentinel) and report on anomalies
- Security Monitoring for Databricks: Implement and manage data security monitoring tools and systems tailored for Databricks environments, analyzing logs and alerts to detect and respond to potential security threats within Databricks
- Define Best-Practices and Process for protecting Data in Use, Data in Motion and Data at Rest (i.e., TLS, SAS, TDE, Server/Client-side encryption, storage encryption)
- Responsible for automating Data Security Controls & Processes to provide improved operational support.
- Interpret Data Security and Technical requirements into Business Requirements and communicate security risks to relevant stakeholders.
- Responsible for the through documentations of implementations, via technical documentation and run books
- Implement IAM (Identity and Access Management) to Streamline fine grained access controls across the cloud landscape.
- Establish controls and process to enable Secure Data Sharing with Internal and External Stakeholders
- Supervise Zero trust posture and policy enforcement.
- Design and implementation of Platform & Data security capabilities like Privilege Access Management, Vulnerability Assessment, End Point Protection, End Point Detection and Response, Certification Authority and Key Management, Application Security
- Incident Response for Databricks: Lead data security incident response efforts specifically related to Databricks, including investigation, containment, eradication, and recovery from security breaches or data leaks within Databricks environments.
- Databricks Vulnerability Management: Develop and execute vulnerability assessment and management programs specifically targeting Databricks workloads, identifying and mitigating data security risks in a timely manner.
- Operationalizing the implemented capabilities to ensure that the Security objectives are met.
Skills for Success
- Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
- Highly experienced and skilled Lead Data Security Engineer with 12 years of proven expertise in the data field, specifically with knowledge of Cloud Platforms such as (Azure, AWS) & Databricks.
- To be responsible for developing and implementing robust data security strategies, protocols, and solutions to safeguard our organization’s sensitive and critical information assets, with a particular focus on securing data within Azure, Databricks’ Unified Analytics Platform. Deman
Headquartered in Singapore, Singtel has 140 years of operating experience and played a pivotal role in the country’s development as a major communications hub. Optus, our subsidiary in Australia, is a leader in integrated telecommunications, constantly raising the bar in innovative products and services.
We are also strategically invested in leading companies in Asia and Africa, including Bharti Airtel (India, South Asia and Africa), Telkomsel (Indonesia), Globe Telecom (the Philippines) and Advanced Info Service (Thailand). We work closely with our associates, leveraging our scale in networks, customer reach and extensive operational experience to lead and shape the communications industry.
Together, the Group serves over 700 million mobile customers around world. Singtel is one of the largest listed Singapore companies on the Singapore Exchange by market capitalisation.
The Group has a vast network of offices throughout Asia Pacific, Europe and the USA, and employs more than 23,000 staff worldwide.