Cybersecurity Engineer

Who We Are

At Kyndryl, we run and reimagine the mission-critical technology systems that drive advantage for the world's leading businesses. We are at the heart of progress; with proven expertise and a continuous flow of AI-powered insight, enabling smarter decisions, faster innovation, and a lasting competitive edge. For our people-Kyndryls-that means doing purposeful work that powers human progress. Join us and experience a flexible, supportive environment where your well-being is prioritized and your potential can thrive.

The Role

Kyndryl's Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested; we're committed. We're not just protecting data; we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills.

Governance, Risk & Compliance (GRC)

• Ensure compliance with IM8, WOG Cybersecurity Policies, and other government security standards.
• Lead security risk assessments, gap analyses, and mitigation planning for systems and projects.
• Develop and maintain security documentation including SRM reports, policies, procedures, and system security plans.
• Support accreditation and certification processes such as STS, SCD, and annual security reviews.

• Oversee security events, incident alerts, and vulnerabilities across systems.
• Coordinate with Government Security Operations Centres (SOC) or vendor SOC for incident triage and escalation.
• Track remediation of findings from audits, penetration tests, and vulnerability scans.
• Ensure timely reporting of incidents to relevant government cybersecurity authorities.

• Participate in system design reviews to ensure security-by-design principles.
• Review solution architectures, technical designs, and change requests for compliance with WOG policies.
• Conduct security assessments for new applications, cloud services, or infrastructure changes.
• Validate and approve deployment of security controls (e.g., MFA, encryption, endpoint protection, logging).

• Act as the primary security SME for systems under management.
• Provide guidance to project managers, developers, and infrastructure teams on government security requirements.
• Review third‑party vendor deliverables for compliance and security posture.
• Ensure data classification, handling, and protection guidelines are adhered to.

• Conduct or coordinate security awareness training for internal teams and vendors.
• Track cybersecurity trends and changes in government security regulations.
• Recommend improvements to security processes, monitoring tools, and compliance workflows.
• Drive adoption of GovTech cybersecurity initiatives (e.g., CSP, CCoP updates, logging guidelines).

• 5+ years of experience in Cybersecurity, Governance, Risk & Compliance within government or regulated environments.
• Strong knowledge of IM8, WOG Cybersecurity Policies, and government security standards (STS, SCD, SRM).
• Proven experience conducting security risk assessments, gap analysis, and security documentation (policies, procedures, SRM).
• Hands-on experience coordinating with SOC teams for incident monitoring, vulnerability management, and remediation tracking.
• Skilled in project security assurance-reviewing solution designs, cloud services, and enforcing security-by-design principles.
• Ability to act as the Security SME, providing guidance to project teams, developers, and vendors on compliance requirements.
• Strong understanding of data protection, security controls (MFA, encryption, endpoint security), and logging/monitoring practices.
• Excellent communication, stakeholder management, and documentation skills with continuous improvement mindset.