Cybersecurity Engineer

Sourceability is building a new Global Engineering Organization (GEO) to strengthen internal software delivery, production reliability, infrastructure operations, and practical security ownership across business-critical systems.

We are looking for a Cybersecurity Engineer to help implement, monitor, and improve security controls across Sourceability’s systems, infrastructure, endpoints, identity platforms, and engineering delivery processes. This role will work closely with the Infrastructure & Security Manager, SysOps, DevOps, Software Engineering, DBA, and business technology teams to reduce security risk in a practical and operationally effective way.

This is a hands-on security engineering role. The Cybersecurity Engineer will support vulnerability management, access control, endpoint and server security, network security, security monitoring, incident response, DevSecOps practices, and compliance evidence collection. This role is not expected to own all corporate security governance independently, but it will be a key execution role for improving Sourceability’s security posture.

The right candidate should be comfortable working in a hybrid environment with on-premise infrastructure, cloud services, distributed teams, business-critical applications, and security practices that are still being formalized as part of the GEO operating model.

This role is hybrid from our Singapore office. 

Insight on Your Impact:

• Implement, maintain, and improve practical security controls across servers, endpoints, cloud services, network infrastructure, identity systems, and engineering platforms.
• Support vulnerability management, including scanning, validation, prioritization, remediation tracking, and reporting of security risks.
• Monitor security alerts and events from endpoint protection, SIEM / logging tools, vulnerability scanners, identity systems, firewalls, VPNs, and other security platforms.
• Triage security alerts, investigate suspicious activity, document findings, and escalate incidents through the agreed incident response process.
• Support security incident response activities, including evidence collection, containment support, remediation tracking, and post-incident improvement actions.
• Partner with Infrastructure / SysOps teams on server hardening, patching, configuration baselines, backup security, firewall rules, VPN access, and network segmentation.
• Partner with DevOps and Software Engineering teams to embed security into CI/CD, code repositories, dependency management, secrets handling, release readiness, and application security checks.
• Support identity and access management controls, including least privilege, role-based access, privileged account review, MFA, access reviews, and joiner / mover / leaver process improvements.
• Assist with endpoint, server, and cloud security tooling, including policy configuration, alert tuning, remediation follow-up, and operational documentation.
• Support security reviews for new systems, integrations, infrastructure changes, vendor tools, and production-impacting technology decisions.
• Help maintain security policies, standards, procedures, runbooks, and technical documentation in a practical and usable format.
• Support compliance and audit activities by collecting evidence, documenting controls, and tracking remediation items, without becoming the sole owner of compliance programs.
• Communicate security risks clearly to technical and non-technical stakeholders, including impact, priority, recommended actions, and remediation status.
• Contribute to security awareness by helping teams understand practical security expectations and common risk areas.

Your Qualifications, Your Influence:

• 3+ years of experience in cybersecurity, information security, security engineering, infrastructure security, or similar hands-on security roles.
• Practical understanding of cybersecurity principles, vulnerability management, incident response, access control, endpoint security, network security, and secure system configuration.
• Hands-on experience with security tooling such as EDR / endpoint protection, SIEM or log management, vulnerability scanners, identity platforms, firewall / VPN tools, or cloud security tools.
• Working knowledge of Windows and Linux server security, patching, hardening, logging, and operational troubleshooting.
• Understanding of network security concepts including firewalls, VPN, DNS, IDS / IPS, segmentation, remote access, and zero trust principles.
• Experience supporting identity and access management practices, including MFA, least privilege, privileged access, role-based access control, and access reviews.
• Ability to investigate security alerts, analyze logs, validate vulnerabilities, document findings, and follow issues through remediation.
• Understanding of application security concepts, secure SDLC, dependency scanning, secrets management, SAST / DAST concepts, and DevSecOps practices.
• Ability to work with infrastructure, DevOps, software engineering, DBA, and business teams to implement security controls without unnecessarily blocking delivery.
• Strong written communication skills and ability to create clear documentation, runbooks, remediation notes, and risk summaries.
• High ownership mindset, structured troubleshooting approach, and ability to operate in a distributed, multi-timezone environment.

Preferred Skills and Technical Familiarity:

• Experience with Microsoft security ecosystem, including Microsoft Defender, Microsoft Entra ID / Azure AD, Intune, Microsoft Sentinel, or related tools.
• Experience with security controls in hybrid environments that include on-premise infrastructure, cloud services, VPN, data centers, and distributed offices.
• Familiarity with Azure, AWS, or GCP security services and cloud security best practices.
• Experience supporting vulnerability remediation for Windows servers, Linux servers, network devices, endpoints, databases, and web applications.
• Familiarity with compliance frameworks or control libraries such as SOC 2, ISO 27001, NIST, CIS Controls, GDPR, or similar.
• Experience with secure configuration baselines, CIS benchmarks, patch management, endpoint management, and configuration drift detection.
• Experience with application security testing tools, dependency scanning, container scanning, or CI/CD security integrations.
• Relevant certifications such as Security+, CySA+, SSCP, CISSP Associate, CEH, Azure Security Engineer, or similar are helpful but not required.
• Background in electronic components, B2B technology, supply chain, distribution, manufacturing, logistics, e-commerce, or similar business environments.

Success in the First 90 Days:

• Understand Sourceability’s infrastructure, identity systems, endpoint environment, security tooling, production platforms, and key operational risks.
• Build working relationships with the Infrastructure & Security Manager, SysOps, DevOps, Software Engineering, DBA, Product / Delivery, and business technology stakeholders.
• Review existing vulnerability management, patching, endpoint protection, IAM, logging, alerting, and incident response practices