Who we are
Open Government Products is an in-house team of engineers, designers, and product managers who build technology for the public good. We proactively identify areas where technology can help, test our prototypes with actual users, and bring our best ones to launch. This includes everything from building better frontend applications for citizens, to automating the internal operations of public agencies. We use and release open source software, keep a flat hierarchy, and bypass bureaucracy to focus on delivery. We work on real problems, build for the user, and push for change.
Projects we have worked on include:
Covid-19 Vaccination National Appointment System - A suite of systems built to enable Singapore's national vaccination campaign for Covid-19. This includes informational sites, appointment booking systems, and records management systems.
FormSG - A form builder tool for agencies to self-service and create online forms that capture classified data, with the goal of replacing paper forms.
Isomer - Isomer provides government agencies with an easy-to-deploy static website building and hosting service to create usable, secure and faster informational websites quickly.
An overview of other OGP products can be found on our website https://open.gov.sg
What does a Senior Security Engineer do?
If you can hack and build, this is the job for you!
The security engineering team supports OGP’s mission by solving real cybersecurity and application security problems. We develop guardrails and secure-by-default building blocks so that anyone can deliver secure products easily.
As a senior security engineer, you will:
Identify security gaps in the organisation and product teams and potential solutions that scale well.
Develop secure-by-design application and infrastructure components.
Build and deploy systems that automate detection, containment, and remediation of security failures.
Create distributed testing tools to measure security outcomes at OGP and across government.
Strong software engineering skills are preferred. You're not just here to identify security problems but also build the solutions.
We use cloud services, open source software, and commodity hardware as much as possible. These often include, but are not limited to: Typescript, GitHub, AWS, Pulumi, DataDog, Okta, and Semgrep. Knowing what to build and what to reuse lets us avoid wasting time on solved problems and focus on delivering actual value.
What it is like working here
Rapid Prototyping - Instead of spending too much time debating ideas we prefer testing them. This identifies potential problems quickly, and more importantly, conveys what is possible to others easily.
Ownership - In addition to technical responsibilities, this means having opinions on what is being done and having ideas on what should be done next. Building something that you believe in is the best way to build something good.
Continuous Learning - Working on new ideas often means not fully understanding what you are working on. Taking time to learn new architectures, frameworks, technologies, and even languages is not just encouraged but essential