
Starhub

Principal Engineer, Cybersecurity GRC

5-8 Years
  • Posted a month ago

Job Description


As a Principal Engineer (GRC), you will execute and own day-to-day cybersecurity governance, risk and compliance activities across StarHub's business units. You will ensure our digital assets and projects comply with internal security policies and Singapore telco regulatory obligations (e.g., IMDA, CSA, TCS, BCS, CCoPv2) while uplifting our detection and response capabilities. You will collaborate with internal teams, our MSSP, and external consultants to deliver security reviews, exercises, and remediation on time and to a high standard.

Key Responsibilities:

  • Regulatory Compliance & Governance (Execution)
      • Maintain Cybersecurity Management (CSM) documentation and contribute to 5G policy development to align with regulatory obligations and deadlines.
      • Plan and execute—together with appointed consultants and internal stakeholders—the following annual/biennial activities, including drafting and socialising reports and tracking remediation to closure:
          • Bi-Annual Host Configuration Reviews for CII and CII-supporting assets
          • Annual Table-Top Exercises (TTX) across major stakeholders
          • Biennial external audits with auditors and key business units
      • Maintain audit-ready artefacts and ensure submissions meet expected timelines and quality.
  • Security Engineering & Operations
      • Partner with the MSSP and platform owners to ensure comprehensive 24×7 log ingestion and monitoring coverage; onboard new log sources and use cases.
      • Tune SIEM/SOAR detections and playbooks; develop runbooks to reduce mean time to detect/respond.
      • Track and drive vulnerability remediation for assigned systems; ensure adherence to SLA (e.g., critical within 14 days) and report status to stakeholders.
      • Support incident response (IR): triage, containment coordination, evidence preservation, and post-incident reviews; facilitate lessons learned and control improvements.
      • Develop or enhance automation (e.g., scripts/dashboards) for evidence collection, risk tracking, and compliance reporting.
  • Risk Management & Assurance
      • Perform risk assessments and threat modelling for new/changed business solutions; define security requirements and validate they are tested before go-live.
      • Maintain accurate risk register entries for owned domains; ensure risks have clear owners, treatments, and review cadences.
      • Evaluate new security solutions/approaches and contribute to policies, standards, and guidelines.

Qualifications



Requirements:

Bachelor's degree in Computer Science, Computer Engineering, Information Technology, or related field.

5–8 years hands-on experience in cybersecurity engineering and/or GRC within a telco or similarly regulated environment.

Familiarity with Singapore regulatory landscape (IMDA, CSA, CII requirements) and enterprise frameworks (e.g., NIST CSF, ISO/IEC 27001).

Demonstrated experience in one or more of: identity & access management (RBAC, MFA, PAM), cryptographic controls, vulnerability management, firewall policy reviews, log analysis, packet/stream analysis, SIEM/SOAR tuning, and incident handling.

Strong written and verbal communication skills; ability to prepare reports for technical and senior, non-technical stakeholders.

Able to participate in on-call/after-hours support during critical cybersecurity incidents.

Preferred Certifications (nice-to-have): GCIH, GCFA, CISA, CISSP (or equivalent).


Job ID: 147560149
