Lead Cloud Security Engineer

We want to build reliable, scalable, and secure services and features to support these increasing demands with innovative and competitive technologies in IoT, Machine Data Lake, Data Analytics and Machine Learning to support our vision.  We have a ‘You build it, you run it’ ethos and run all our services within Amazon Web Services (AWS). Our teams are responsible for the architecture, development, testing, and operational support of their services in all environments. We are a global department with teams located in the UK, Singapore, and China and we encourage flexible, independent, and innovative thinking in our engineers to deliver solutions.

As a Lead Cloud Security Engineer in the Connected Cloud department, you’ll collaborate with cloud development teams and engineers to secure our cloud native IoT platform, associated tooling, and deployed cloud services. We primarily leverage AWS to host and secure our services, along with: 

• Responsible for promoting good security hygiene and best practices

• Defining security requirements, guidelines and policies for our engineers, platforms, tooling and services

• Working alongside our Cloud teams supporting, assisting and advising how to design and build secure services and platforms

• Develop Cloud services in C# .NET Core on AWS

• Identifying and assessing our security risks, threats and vulnerabilities and providing a pragmatic approach for applying mitigation where necessary 

• Advocating a shifting left mentality to ensure possible threats or security issues can address early within the development cycle

• Working with the wider software teams to design and improve the security of our current and future products

• Ensuring we comply with regulatory requirements and Dyson security standards

• Identifying new technologies, tools, and approaches to help continually improve our security standards and quality

• Act as point of contact for any security related queries or issues and educated our engineers in security best practices

• Investigate and mitigate security incidents and bug bounty escalations

• Experienced in application security workflows in public cloud providers (e.g. AWS)

• Some level of coding experience (in any language)

• Experienced in security tools for software development: SCA, SAST, CSPM, CNAPP, and secrets management.

• Experienced in cyber risk and vulnerability management for cloud native workloads, common web-based connectivity for IoT and mobile devices

• Worked with supporting audit activities hosted by internal or external parties.

• Working knowledge of Web Application Firewalls, ideally Cloudflare.

• Working knowledge of Public Key Infrastructure and Certificate Authorities (CA operations and support).

• Working knowledge of data privacy frameworks/regulations like EU’s GDPR & EU CRA, specifically the responsibilities of a cloud service provider for mobile apps & IoT devices.

• Working knowledge in cybersecurity frameworks like CIS or NIST.

Dyson Singapore monitors the market to ensure competitive salaries and bonuses. Beyond that, you’ll enjoy a transport allowance and comprehensive medical care and insurance. But financial benefits are just the start of a Dyson career. Professional growth, leadership development and new opportunities abound, driven by regular reviews and dynamic workshops. And with a vibrant culture, the latest devices and a relaxed dress code reflecting our engineering spirit, it’s an exciting team environment geared to fueling and realising ambition.