Who we are
Open Government Products is an in-house team of engineers, designers, and product managers who build technology for the public good. We proactively identify areas where technology can help, test our prototypes with actual users, and bring our best ones to launch. This includes everything from building better frontend applications for citizens, to automating the internal operations of public agencies. We use and release open source software, keep a flat hierarchy, and bypass bureaucracy to focus on delivery. We work on real problems, build for the user, and push for change.
Projects we have worked on include:
Covid-19 Vaccination National Appointment System - A suite of systems built to enable Singapore's national vaccination campaign for Covid-
- This includes informational sites, appointment booking systems, and records management systems.
FormSG - A form builder tool for agencies to self-service and create online forms that capture classified data, with the goal of replacing paper forms.
Isomer - Isomer provides government agencies with an easy-to-deploy static website building and hosting service to create usable, secure and faster informational websites quickly.
An overview of other OGP products can be found on our website https://open.gov.sg
What does a Security Engineer do
If you love to build and are interested in internal tools and platforms that make security easy, this is the team for you!
The security engineering team supports OGPs mission by solving real cybersecurity and application security problems. We develop guardrails and secure-by-default building blocks so that anyone can deliver secure products easily rather than relying on checklists or training.
As a security engineer, you will:
Develop secure-by-default application and infrastructure components.
Build and deploy systems that automate detection, containment, and remediation of security failures.
Create distributed testing tools to measure security outcomes at OGP and across government.
Strong software engineering skills are preferred. You're not just here to identify security problems but also build the solutions.
We use cloud services, open source software, and commodity hardware as much as possible. These often include, but are not limited to: Typescript, GitHub, AWS, Pulumi, DataDog, Okta, and Semgrep. Knowing what to build and what to reuse lets us avoid wasting time on solved problems and focus on delivering actual value.
What it is like working here
Rapid Prototyping - Instead of spending too much time debating ideas we prefer testing them. This identifies potential problems quickly, and more importantly, conveys what is possible to others easily.
Ownership - In addition to technical responsibilities, this means having opinions on what is being done and having ideas on what should be done next. Building something that you believe in is the best way to build something good.
Continuous Learning - Working on new ideas often means not fully understanding what you are working on. Taking time to learn new architectures, frameworks, technologies, and even languages is not just encouraged but essential
Who we are looking for
We are look for security engineers who:
Have a demonstrated ability to build software - Prior work and personal projects count for much more than specific degrees. Security-related projects are a plus.
Design practical solutions to solve security problems - Clear thinking, scalability, and understanding the limits of an approach matter much more than getting the correct answer.
Talk and reason about security issues with other engineers - We work as a team and dont work by top-down mandates, so you need to be able to not just solve security problems, but have other people understand and embrace your solutions.
Take initiative to make things happen - Our job is to push for change in government, so we need to challenge the status quo and not wait for instruction.
Want to work for the public good - We are public servants, we serve the public. This sometimes means ignoring political pressures and misguided policies. We need people who will push back if something is not in the public interest.
Overall we look for people who have ability, initiative, good communication, and strong values.
