Principal Security Engineer

The NETS Group is a leading payments services group, enabling digital payments for merchants, consumers and banks across the entire payments value chain. 
 

The Group operates Singapore’s national debit scheme enabling customers of DBS Bank/POSB, HSBC, Maybank, OCBC Bank, Standard Chartered Bank and UOB to make payments using their ATM cards or mobile devices at more than 130,000 acceptance points in the country as well as online payments.

Position Summary:

The Principal Engineer plays a critical role in helping to design, implement and maintain various security tools that together form a layered defence against cyber threats. The ideal candidate will work closely with security operations, IT, and risk teams to deploy and optimize security tools, develop policies, and improve detection and response capabilities

Key Responsibilities

• Design, implement, and maintain enterprise security technologies, including but not limited to SIEM, SOAR, EDR/XDR, Anti-Virus, Vulnerability Management, DLP, PAM, IAM, WAF, and IDS/IPS.
• Lead the design and implementation of security solutions across on-premises, cloud, and hybrid environments, ensuring alignment with security architecture, regulatory, and compliance requirements.
• Manage and maintain security platforms, ensuring they are hardened, optimally configured, and compliant with organizational security standards and regulatory requirements.
• Own the technology lifecycle management of security tools, including upgrades, patching, vulnerability remediation, and ensuring systems run on supported and stable versions.
• Lead and support incident response activities, including handling critical incidents such as zero-day vulnerabilities, misconfigurations, and security breaches with minimal business impact.
• Troubleshoot complex technical issues, collaborating with cross-functional teams, vendors, and service providers to resolve implementation and operational challenges.
• Define and conduct comprehensive testing (UAT/SIT) for security solutions prior to production deployment, ensuring stability, security, and operational readiness.
• Drive end-to-end implementation initiatives, partnering with vendors and stakeholders to deliver security solutions from proof-of-concept (POC) through full-scale deployment.
• Execute BAU activities and managed changes, adhering to ITSM processes including change, incident, and problem management.
• Develop and maintain technical documentation, including standards, runbooks, KOPs, and architecture diagrams to support operations and audit requirements.
• Provide technical mentorship and guidance to engineers, building team capability and ensuring adherence to best practices.
• Support audit, compliance, and risk management activities, including evidence gathering, control validation, and remediation tracking.

Requirements

• Bachelor’s degree in Computer Science, Computer Engineering, Information Security, or a related discipline.
• Minimum 10 years of hands-on experience in security engineering, with deep expertise in implementing and managing security technologies, including but not limited to SIEM, SOAR, EDR/XDR, Anti-Virus, Vulnerability Management, DLP, PAM, IAM, WAF, and IDS/IPS.
• Minimum 5 years of hands-on experience in cloud security, including design and management of native security services across platforms such as AWS
• Strong technical foundation in information security and networking concepts, including TCP/IP, firewalls, system hardening, and secure architecture principles.
• Proficiency in Unix/Linux environments and scripting (e.g., Shell, Python), with the ability to troubleshoot and resolve complex technical and integration issues.
• Demonstrated experience in planning, designing, and executing implementation and production rollouts of security solutions, including handling risks, dependencies, and unforeseen challenges.
• Strong problem-solving skills and ability to operate independently, with a proactive, ownership-driven mindset and focus on delivering outcomes.
• Experience working in complex enterprise environments, collaborating effectively with cross-functional teams and external vendors.
• Relevant industry-recognized certifications, such as CISSP, GIAC, CEH, or equivalent, along with cloud security certifications (e.g., AWS Security Specialty or equivalent).
• Familiarity with automation and integration approaches, including APIs, scripting, and orchestration, to improve operational efficiency and scalability.

Network for Electronic Transfers (Singapore) Pte Ltd.