-
Xiaomi Technology

Cybersecurity Engineer (Security operations)

Xiaomi Technology
Singapore · Full-time · Entry

Job Responsibilities

1. Security Protection System Operations

- Manage the end-to-end lifecycle of core security solutions (including WAF, MiShield, HIDS) for Xiaomi’s international business portfolio, including configuring policies, optimizing rules, and expanding coverage to protect web/mobile applications against common threats (e.g., OWASP Top 10).

- Develop real-time monitoring/alerting frameworks, analyze security logs to detect anomalous traffic and attack activities, produce root-cause analysis reports, and enhance defense strategies.

2. API Security Capability Development

- Lead the design of an API security framework for international operations, ensuring end-to-end interface protection. Create models for abnormal behavior detection and access control policies to mitigate risks like unauthorized data access and API abuse.

- Integrate with API gateways/microservices, incorporate SAST/DAST tools to advance shift-left security practices, and establish developer security guidelines.

3. Vulnerability Management

- Oversee end-to-end vulnerability processes (scanning, risk assessment, remediation) for international business. Implement high-risk vulnerability response mechanisms and collaborate with R&D teams on code-level fixes.

- Monitor global threat intelligence and zero-day vulnerabilities, organize regular red/blue team exercises, and refine emergency response protocols.

4. Compliance and Collaboration Support

- Ensure security operations adhere to regional regulatory standards, including GDPR and Singapore Personal Data Protection Act (PDPA), and prepare compliance audit reports.

- Collaborate with international business units, local compliance teams, and third-party vendors to deliver security technical support and training.


Job Requirements

1. Education and Experience

- Bachelor’s degree or higher in Computer Science, Information Security, or a related field.

2. Technical Skills

- Expertise in operating security products (e.g., WAF, IDS).

- Proficiency in API security design/protection, including OWASP API Top 10 knowledge and gateway security policy deployment.

- Familiarity with vulnerability management processes and tools (e.g., Nessus, Burp Suite), along with the ability to reproduce vulnerabilities and validate remediation efforts.

- Proficiency in scripting languages like Python/Shell; experience in developing security automation tools is an advantage.

3. Core Competencies

- Knowledge of international data security regulations and compliance requirements, with effective cross-regional team collaboration skills.

- Fluency in English and Mandarin (spoken and written) for daily work; professional certifications such as CISSP or CSSLP are preferred.

- Strong sense of responsibility and problem-solving abilities, with the capacity to respond to unexpected security incidents.

4. Bilingual in English and Mandarin In order to communicate with customers and China office colleagues.

Key Skills

Ranked by relevance

owasp security practices burp suite nessus cissp gdpr
Login to Apply
Posted
Jul 03, 2026
Type
Full-time
Level
Entry
Location
Singapore

Industries

Technology Information Media Information Services

Categories

Information Technology

Related Jobs

3 roles aligned with this opportunity

View all jobs
View Job Details
Xiaomi Technology
Related

Cybersecurity Engineer – Anti-Fraud & Content Security(A230883)

2026-05-28

Full-time
Entry
Singapore
Information Services
Information Technology
View Job Details
MCG Talent
Related

Data Analyst

2026-07-03

Full-time
Mid-Senior
Singapore
Technology
Information Technology
View Job Details
Google
Related

Security Engineer, Enterprise Data Protection

2026-06-30

Full-time
Not Applicable
Singapore
Information Services
Information Technology