- Experience
- 8+ yrs
- Salary
- —
- Openings
- 1
- Posted
- 4 hours ago
- Work mode
- In office
- Education
- Bachelor’s degree in Information Security, Computer Science, IT, or related discipline
- Resume
- Required to apply
Where you'll work
Job description
Role overview
This position is based in Singapore and reports to the Head of Cybersecurity & IT. The role is focused on shaping and running the company’s cybersecurity program, covering governance, risk, compliance, and day-to-day security operations. The goal is to strengthen controls, ensure policies are followed, and continuously improve the organization’s security posture.
Cybersecurity governance and compliance
- Build, roll out, and keep updated the organization’s cybersecurity policies, standards, and procedures.
- Drive compliance work for ISO 27001, Cyber Essentials/Cyber Trust Mark, SOC 2, and any relevant regulatory obligations.
- Carry out security risk assessments and ensure identified gaps are addressed.
Security operations and incident management
- Manage security monitoring, vulnerability management, and incident response activities.
- Investigate security events and coordinate the required remediation actions.
- Define, track, and report on cybersecurity KPIs, controls, and related metrics.
Security architecture and risk management
- Review and strengthen security controls across infrastructure, cloud, networks, applications, and endpoints.
- Evaluate cybersecurity risks linked to new technology, system changes, and business initiatives.
- Partner with IT teams to implement security best practices and hardening measures.
Audits and remediation
- Lead both internal and external security audit activities.
- Maintain remediation plans for vulnerabilities and audit observations.
- Ensure security gaps and compliance issues are resolved within required timelines.
Security awareness
- Create and deliver cybersecurity awareness and training sessions.
- Help build a strong security-first culture across the organization.
Vendor and third-party security
- Assess the security posture of vendors and third-party service providers.
- Embed cybersecurity requirements into vendor management processes.
Requirements
- A bachelor’s degree in Information Security, Computer Science, IT, or a closely related field.
- At least 8 years of experience across IT and cybersecurity, including 3 or more years in a leadership capacity.
- Solid understanding of cybersecurity frameworks such as ISO 27001, NIST, CIS Controls, and Cyber Essentials.
- Practical experience in vulnerability management, incident response, and governance, risk, and compliance (GRC).
- Familiarity with Microsoft 365 Security, Azure, AWS, cloud security, firewalls, EDR/XDR, SIEM, and endpoint protection tools.
- Professional certifications like CISSP, CISM, CEH, ISO 27001 Lead Implementer/Auditor, or similar are a plus.
- Strong leadership and stakeholder management skills, along with clear communication and report-writing ability.
- Ability to influence change, drive security improvements, and work in a hands-on, problem-solving manner.
Additional information
Location: Singapore
Reports to: Head, Cybersecurity & IT