Summary
Salary:
Competitive
Team:
zDNU_Design and Development (Inactive)
Location:
Singapore - St James Power Station Headquarters
About Us Internet connected and smart home products are growing areas for Dyson where we aim to continue our reputation of being innovative and disruptive. Since our first launch of products in connected space, we have grown fast to several millions of connected machines, and we are envisioning a steep growth in 2026 and beyond both in scale and connected features.
We want to build reliable, scalable, and secure services and features to support these increasing demands with innovative and competitive technologies in IoT, Machine Data Lake, Data Analytics and Machine Learning to support our vision.
We have a âYou build it, you run itâ ethos and run all our services within Amazon Web Services (AWS). Our teams are responsible for the architecture, development, testing, and operational support of their services in all environments. We are a global department with teams located in the UK, Singapore, and China and we encourage flexible, independent, and innovative thinking in our engineers to deliver solutions.
Weâre building world-class cross functional Agile teams to deliver our ambitious vision in the connected space.
If you thrive on working in a collaborative, stimulating, dynamic environment and relish difficult software engineering challenges then weâd like to speak to you!
About The Role As a Lead Cloud Security Engineer in the Connected Cloud department, youâll collaborate with cloud development teams and engineers to secure our cloud native IoT platform, associated tooling, and deployed cloud services.
In addition, you will explore innovative ways to improve our overall security posture and deal with common security challenges presented by our cloud workloads.
We primarily leverage AWS to host and secure our services, along with:
Cloudflare to protect our public facing endpoints
Azure DevOps for CI/CD orchestration
AWS OpenSearch/ELK, Grafana for application monitoring
Palo Alto Prisma Cloud for compliance monitoring and adherence with cloud best practices
Veracode for SAST/SCA for scanning our cloud microservices and containers
C#, Node.js, and Python to create our services
What youâll be doing:
Responsible for promoting good security hygiene and best practices
Defining security requirements, guidelines and policies for our engineers, platforms, tooling and services
Working alongside our Cloud teams supporting, assisting and advising how to design and build secure services and platforms
Identifying and assessing our security risks, threats and vulnerabilities and provide a pragmatic approach for applying mitigation where necessary
Advocating a shifting left mentality to ensure possible threats or security issues are addressed early within the development cycle
Working with the wider software teams to design and improve the security of our current and future products
Ensuring we comply with regulatory requirements and Dyson security standards
Identifying new technologies, tools, and approaches to help continually improve our security standards and quality
Act as point of contact for any security related queries or issues and educate our engineers in security best practices
Investigate and mitigate security incidents and bug bounty escalations
What you need:
Experienced in application security workflows in public cloud providers (e.g. AWS)
Some level of coding experience (in any language)
Experienced in security tools for software development: SCA, SAST, CSPM, CNAPP, and secrets management.
Experienced in cyber risk and vulnerability management for cloud native workloads, common web-based connectivity for IoT and mobile devices
Experienced with supporting audit activities hosted by internal or external parties.
Working knowledge of Web Application Firewalls, ideally Cloudflare.
Working knowledge of Public Key Infrastructure and related operation activities
Working knowledge of data privacy frameworks/regulations like EUâs GDPR \& EU CRA, specifically the responsibilities of a cloud service provider for mobile apps \& IoT devices.
Working knowledge in cybersecurity frameworks like CIS or NIST.
Please apply if you:
Think this sounds fun
Want to help drive security to the left
Like resolving complicated problems
Have experience with some of our technologies and tools
Have a background in either software development or securing solutions
Dyson is an equal opportunity employer. We know that great minds donât think alike, and it takes all kinds of minds to make our technology so unique. We welcome applications from all backgrounds and employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other any other dimension of diversity.