Principal Cybersecurity Engineer

SSMC (Systems on Silicon Manufacturing Company Pte. Ltd.), is a Joint Venture between NXP and TSMC. We offer flexible and cost effective semiconductor fabrication solutions by maintaining fully equipped SMIF cleanroom environment, 100% equipment automation and proven wafer-manufacturing processes.

At SSMC , every career journey is unique and rewarding. We're looking for innovative, passionate, and talented people like you to join our team.

We’re searching for a Principal Cybersecurity Engineer to be part of our IT Department diverse team of talent. You will be responsible in Network Security and Systems Support. This is a 1-year contract role.

What you will be working on:

• To support, manage security tools, provide solutions, identify, secure both enterprise IT applications, servers, and cloud environments) and operational technology (OT) systems.
• Assess, deploy, and monitor cybersecurity tools across the manufacturing network.
• Secure IT/OT infrastructure.
• Network security.
• Conduct vulnerability assessments and penetration tests on plant floor systems.
• Configure and manage firewalls, IDS/IPS, and endpoint security.
• Customize workflows, forms, and reports to meet business user needs.
• Perform security assessments on web applications, APIs, and microservices (e.g., static and dynamic analysis, vulnerability scanning).
• Identify and remediate application vulnerabilities such as SQL injection, XSS, CSRF, and insecure deserialization.
• Work closely with development teams to integrate security into the software development lifecycle (SDLC) through secure coding practices and threat modeling.
• Lead and conduct security code reviews, identifying vulnerabilities and recommending mitigation strategies.
• Advise developers on secure coding practices, OWASP Top 10, and security requirements for application design.
• Secure configuration of servers, databases, and web services to ensure they are hardened according to industry best practices (CIS benchmarks, NIST).
• Work with DevOps teams to implement security controls such as Infrastructure-asCode (laC) and container security (e.g., Docker, Kubernetes).
• Integrate security tools (e.g., SAST/DAST, vulnerability scanners) into CI/CD pipelines to ensure continuous security checks during development and deployment.
• Strong scripting skills (Python, Bash, PowerShell, etc.) to automate security tasks such as patching, monitoring, and reporting.
• Experience in responding to application and server security incidents, including incident detection, triage, and mitigation.
• Familiarity with SIEM tools and log analysis for identifying potential security incidents.
• Work with engineering to apply security patches and firmware updates safely.
• Develop playbooks for incident response specific to OT environments.
• Coordinate with IT Security to bridge IT/OT cybersecurity strategy.

More About You:

• Bachelor’s or Master’s degree in Computer Science, Data Engineering, or a related field.
• Certifications: Security+, GICSP, CISSP, or similar (preferred)
• Certified Ethical Hacker (CEH)
• Atleast 6 years of Cybersecurity experience.
• Cybersecurity experience, including manufacturing or industrial IT
• Experience with network & Security tools
• Experience with web application security concepts, including secure coding practices, encryption, and secure communications.
• Experience with tools for static and dynamic application security testing (SAST/DAST) such as Checkmarx, Veracode, or SonarQube.
• Experience with vulnerability scanning tools such as Burp Suite, Nessus, and others.
• Expertise in securing Linux/Unix and Windows servers, including hardening, patching, and configuring secure server environments.
• Experience of configuration management and automation tools (e.g., Ansible, Terraform, Chef, Puppet).
• Experience with firewalls, intrusion detection/prevention systems, and VPNs.
• Strong scripting skills (Python, Bash, PowerShell, etc.) to automate security tasks such as patching, monitoring, and reporting.
• Experience with CI/CD pipelines and integrating security into these pipelines.
• Experience in responding to application and server security incidents, including incident detection, triage, and mitigation.
• Experience with SIEM tools and log analysis for identifying potential security incidents.
• Experience with industry security frameworks such as NIST 800-53, ISO 27001, ar CIS Controls.
• Knowledge of industrial protocols (¢.g., Modbus, DNP3, OPC-UA, Ethernet/IP).
• Monitor and analyze OT network traffic for anomalies and threats.
• Strong understanding of OWASP Top 10 security risks and mitigation strategies.
• Strong communication skills and the ability to work collaboratively with cross-functional teams.
• A proactive, self-motivated individual who can identify risks and take the initiative to resolve them.
• Ability to stay updated with the latest trends in cybersecurity, application security, and emerging threats.
• Good team player
• Must be able to work independently.

SSMC is committed to equal employment opportunities and abides by the Tripartite Guidelines on Fair Employment Practices (TGFEP). All qualified applicants will receive non-discriminatory consideration for employment on the basis of merit and regardless of age, race, gender, religion, marital status and family responsibilities, or disability, or any other attributes as protected by the relevant laws.