Now hiring

Principal Engineer, Security (SG) @ StarHub Ltd

SGOnsiteFull-timePosted 14 days ago

Opens on the employer's site

About this role

<div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Principal Engineer, Security</b></H2> </div><div><p>Role Mission:<br>To plan, design, and drive continuous innovation in zero trust architecture, AI threat detection, and next generation forensic techniques on multi cloud environment. <br>You will act as a catalyst for transforming how we defend cloud workloads, Kubernetes clusters, and AI pipelines blending deep technical execution with a mandate to research, prototype, and productise novel security solutions.</p> <p>Responsibilities:<br>• Lead continuous innovation: identify emerging threats (cloud, container, AI), research countermeasures, build POCs, and roll out production-ready capabilities.<br>• Deep hypervisor &amp; virtualization systems engineering (KVM, Xen) with expert C/Rust programming and understanding of the full boot chain (BIOS/UEFI → kernel launch).<br>• Develop security techniques: eBPF anomaly detection, automated K8s runtime defense, forensic memory analysis for serverless workloads.<br>• Create internal security labs to simulate multi-cloud attack scenarios (cross-account privilege escalation, container escape, AI model extraction) and build novel detections.<br>• Experiment with cutting-edge tools (eBPF, Web Assembly sidecars, confidential computing) for VM introspection, real-time prompt injection detection, etc.<br>• Hands-on isolation technologies: IOMMU, VFIO, SR-IOV for high-security guest isolation.<br>• Architect and enforce unified security baseline across AWS, Alicloud, and GCP (IAM, logging, encryption, network segmentation).<br>• Implement CSPM/CWPP with auto-remediation, policy-as-code (Terraform/Checkov), and workload identity federation.<br>• Lead Kubernetes security (CKS focus): admission controllers, OPA/Gatekeeper, Falco, supply chain security (SLSA, SBOM).<br>• Deep understanding of Kubernetes core components (API server, scheduler, kubelet, CRI/CNI/CSI interfaces).<br>• Lead innovations in AI security, Quantum security and KVM security. </p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Qualifications</b></H2> </div><div><p>Requirement ;</p> <p>• Degree in Information Technology, Engineering or related field<br>• 8+ years of experience in infrastructure/cloud security, with 2+ years as a technical lead.<br>• Deep hands on experience with AWS plus at least one of Azure/GCP.<br>• Production Kubernetes security (RBAC, network policies, admission control, runtime defence).<br>• Proficiency in Python or Go for security tooling, and Terraform for IaC.<br>• Demonstrated ability to research, prototype, and implement novel security solutions (e.g., conference talks, open source contributions, internal patents).<br>• Familiarity with OWASP Top 10 for LLMs, adversarial ML, and tools like Garak, Rebuff, or NeMo Guardrails.<br>• Certifications: CKS, AWS Certified Security – Specialty (mandatory)., GCFA, GNFA (optional)</p></div></div></div>

Ready to apply?

Install the ResuMinder extension and we'll auto-fill the application in seconds — no rewriting.

Get the extension →
See how your CV scores
Principal Engineer, Security (SG) at StarHub Ltd | ResuMinder Jobs