523 Chief Information Security Officer jobs in Singapore

Our client is a government agency which supports ICT delivery services. This is a leadership role that requires technical proficiency demonstrated in multiple cybersecurity domains.

Responsibilities:

• Lead the agency-level cybersecurity function in supporting agency digital transformation initiatives whilst ensuring digital resilience of agency systems.
• Formulate and implement agency cybersecurity strategies, policies and work plans, ensuring continuous alignment with agency's business strategic goals
• Review and enhance risk management through threat-based risk assessments, risk mitigations, risk monitoring and reporting.
• Provide consultation and endorse risk management and mitigation plans from agency's project teams.
• Govern and enhance the agency's security posture by maintaining visibility and oversight of ICT assets, security architectures, and cybersecurity operations code of practices.
• Develop and maintain incident response plan and playbooks. This involves planning, designing and conduct of security incident response workshops and exercises (table-top exercises, simulation and drills) as well as lead the investigation and management of ICT security incidents.
• Provide advisory and recommendations on appropriate cybersecurity technologies to be deployed that meets agency's business requirements and aligned with WOG-wide advisories and practices.
• Ensure secure by design ICT product development, and that security controls implementations comply with the defined security policies, standards and guidelines.
• Develop and maintain effective cybersecurity awareness and training programmes

Requirements:

• Degree in Computer Science, Information Systems, Engineering or related Technology field
• At least 8-10 years of management experience related to information security and solid grasp of ICT operations, security policies, business processes and the relationship between them.
• Ability to work with multi-functional, multi-disciplined teams to formulate, institute real time awareness of security posture and baseline among end users.
• Good interpersonal and partner/executive leadership skills.
• Demonstrate knowledge and experience in security by design implementations, review of system architecture, devsecops practices, Infrastructure as Code (IaC) tools and securing CI/CD pipelines
• Demonstrate understanding of cloud service models (IaaS, PaaS, SaaS), coupled with a strong understanding of core cloud services and modern cloud-native architectures (serverless, containers, microservices)
• Identify on-premises and cloud-specific cybersecurity risks and threats, demonstrating skills to thoroughly assess their impact and likelihood. This assessment encompasses, but is not limited to, secure configurations, insider threats, vendor risks, data leakage, malwares including ransomware, account hijacking, and compliance risks.
• Evaluate the effectiveness of existing controls and recommending appropriate mitigation strategies for on-premises and cloud-related cybersecurity and data security issues.
• Display understanding of emerging threats and technologies, and the ability to translate risk into business impact
• Strong understanding of compliance requirements and the ability to identify potential violations in on-premises or cloud environments.
• Able to communicate cyber security topics effectively to senior stakeholders.
• Minimally possess CISSP certification, preferably with other related certifications, e.g. CISM, CCSP, GCIH that demonstrates continuous learning and knowledge of industry best practices.
• We believe in being Agile, Bold and Collaborative, and are looking for people who identify with these values.

Position: Chief Information Security Officer (CISO)

We are looking for an accomplished Chief Information Security Officer to join our senior leadership team. This role is responsible for defining and executing the company's information security vision, ensuring the confidentiality, integrity, and availability of our digital assets, and building a strong defense framework to protect against evolving cyber threats.

The ideal candidate is a proven cybersecurity leader with deep expertise in information security, risk management, and team leadership, capable of steering the organization through a rapidly changing security landscape.

• Establish and drive the company's overall information security strategy.
• Safeguard corporate data, intellectual property, and critical systems from cyber risks.
• Develop and enforce security standards, policies, and processes aligned with business needs and compliance requirements.
• Identify potential vulnerabilities and mitigate risks to ensure long-term resilience.
• Maintain compliance with applicable industry regulations and legal requirements.
• Oversee security audits, compliance checks, incident response, and breach investigations.
• Collaborate with IT, legal, and business functions to embed security into day-to-day operations.

• Design, implement, and maintain a comprehensive information security program covering defense, monitoring, data protection, and operations.
• Conduct regular risk assessments and vulnerability evaluations, driving remediation initiatives.
• Lead the detection, response, and recovery processes for security incidents, ensuring timely resolution.
• Manage the organization's security architecture and tools to support secure IT operations.
• Partner with legal and compliance teams to ensure adherence to data protection laws (e.g., GDPR, HIPAA).
• Report on the company's security posture, metrics, and improvement strategies to the executive board.
• Promote security awareness across the organization through training and engagement programs.
• Stay ahead of emerging cybersecurity trends and adopt best practices to strengthen defenses proactively.

Essential Qualifications

• Bachelor's degree in Information Security, Computer Science, or related discipline.
• At least 10 years of senior experience in cybersecurity, including proven success as a CISO or equivalent leadership role.
• Strong knowledge of security frameworks (e.g., NIST, ISO and risk management methodologies.
• Proficiency in security auditing, vulnerability management, and risk reduction strategies.
• Hands-on experience with enterprise security technologies (firewalls, IDS/IPS, SIEM, encryption protocols, etc.).
• Solid understanding of data privacy requirements and regulatory compliance.
• Demonstrated ability to design and implement complex security strategies.
• Strong leadership and communication skills with the ability to influence executive decision-making.
• Excellent analytical and problem-solving abilities with a proactive approach to identifying risks.
• Experience managing security teams and working cross-functionally.

Preferred Qualifications

• Master's degree in Cybersecurity, IT, or related field.
• Professional certifications such as CISSP, CISM, or CISA.
• Experience securing cloud environments and cloud-native infrastructure.
• Familiarity with disaster recovery and incident management frameworks.
• Knowledge of penetration testing, ethical hacking, and advanced security assessment techniques.
• Strong background in regulatory compliance and data protection.
• Exposure to DevSecOps practices and secure software development.
• Awareness of AI and machine learning applications in cybersecurity.
• Multilingual capability for international collaboration is an advantage.

If you are a forward-thinking cybersecurity executive with both strategic vision and hands-on leadership skills, this is your opportunity to play a pivotal role in protecting the future of our company.

We are partnering with a fast-growing tech company to hire an Information Security Leader. The successful candidate will integrate security practices seamlessly into engineering and deployment processes, lead incident detection, response, and overall security monitoring.

• Integrate security practices into engineering and deployment processes.
• Lead incident detection, response, and overall security monitoring.
• Drive compliance efforts and support internal and external audits.
• Oversee regular vulnerability assessments and coordinate fixes with technical teams.
• Collaborate with third-party vendors and regulatory bodies.

• Strong grasp of threat detection, compliance, and risk in highly regulated environments.
• Hands-on experience securing both cloud-based and traditional infrastructure.
• Confident communicator with a proactive, execution-focused mindset.
• Proven track record leading security operations in fast-paced, large-scale environments.

Job Description:

• The Cybersecurity Expert is responsible for protecting the computer systems, networks, and data from cyber threats, breaches, and attacks. They design, implement, and monitor security measures, conduct risk assessments, and respond to security incidents.

Key Responsibilities:

• Security Infrastructure & Risk Management:
• Design, implement, and maintain security protocols, firewalls, VPNs, IDS/IPS, SIEM, and endpoint protection.
• Conduct vulnerability assessments, penetration testing, and security audits.
• Identify security risks and recommend mitigation strategies.
• Threat Detection & Incident Response:
• Monitor networks for suspicious activity and potential breaches.
• Investigate security incidents, perform forensic analysis, and lead remediation efforts.
• Develop and update incident response plans and disaster recovery procedures.
• Compliance & Security Policies:
• Ensure compliance with industry standards (ISO 27001, NIST, GDPR, HIPAA, PCI-DSS).
• Develop and enforce cybersecurity policies, procedures, and employee training programs.
• Security Architecture & Best Practices:
• Advise on secure system and application design (Zero Trust, Cloud Security, DevSecOps).
• Implement encryption, multi-factor authentication (MFA), and access control mechanisms.
• Stay updated on emerging cyber threats, attack vectors, and defense strategies.

Required Skills & Qualifications:

• Education: Bachelor's/Master's in Cybersecurity, Computer Science, or related field (or equivalent experience).
• Certifications (Preferred): CISSP, CISM, CEH, CompTIA Security+, OSCP, or similar.

Benefits:

• Strong analytical, problem-solving, and communication skills.
• Ability to work under pressure during security incidents.

Others:

• 8 years in cybersecurity roles (e.g., SOC analyst, penetration tester, security engineer).
• Experience with regulatory compliance and risk management frameworks.

All interested parties are encouraged to send in their detailed resume/CV.

About the Role:

• We are seeking a skilled Information Security Strategist to drive our organization's security program and ensure effective delivery of solutions.
• The successful candidate will act as subject matter expert regarding security systems, solutions, and regulatory requirements.

Key Responsibilities:

• Design and organize training to raise awareness of security within the organization.
• Drive the security awareness program to increase overall security awareness of staff.
• Manage security program and solution management to ensure programs are effectively delivered and solutions are effective.
• Provide consultancy and management for security systems, controls, and solutions.
• Be responsible for security project management including schedule, performance, cost, and vendor management.
• Lead in IT security threat, incident management, and investigation.
• Develop and maintain IT security incident response and handling playbook for various threat scenarios.
• Maintain related ISO/WLA policy documentation.
• Keep abreast of new and emerging IT risks, attack vendors, and technology, and educate the IT community on the latest trends and news.

Requirements:

• Bachelor's Degree, preferably in Computer Science/Engineering, Information Science/Related IT Discipline.
• Minimum 6 years of working experience in IT security.
• Extensive experience around IT security strategies, policies, and procedures.
• Knowledge of the gaming industry, various security methodologies, and processes, and technical security solutions.
• Able to manage influence through persuasion, negotiation, and consensus building.
• Outstanding communication and interpersonal skills.
• Experience as a trainer and provide guidance to team.
• Experience in Information Security Management System (ISMS) in compliance with BS7799/ISO27001 or WLA or other standards.
• Professional certifications such as CISSP, CCSP, CISM, CISA.

Senior Cybersecurity Specialist

The Senior Cybersecurity Specialist will be responsible for supporting the organization's governance and compliance functions. This role will include primary responsibility for supporting IT and organizational policies and standards in support of legal and regulatory compliance needs as well as general IT and organizational information security practices.

This specialist will liaise closely with other members of the organization to undertake an assessment of their business needs.

• Enforce IT policy, standards and procedures / guidelines in accordance to internal policies, and applicable regulations (such as PDPA, Cyber Security Act, EMA Regulations, and Computer Misuse Act)
• Perform periodic reviews of the IT system access
• Facilitate IT audit planning, coordination, management response, rationalisation and collation and tracking of audit action items with internal and external parties
• Perform IT compliances check by reviewing control effectiveness
• Perform IT audit on established standards

Cybersecurity Focus

• Develop simulated phishing campaigns to improve security posture of the organisation
• Drive organisation wide IT awareness initiatives through provisioning of CBT for security, identify possible gap of understanding in staff and facilitate re-training / awareness session
• Facilitate Information Security Management System (ISMS) audit planning, coordination, management response, rationalisation and collation and tracking of audit action items with internal and external parties

Special Projects

• Support, manage / implement special IT projects

Working Experience

• 5 years' working experience in Information Technology either in application support, or network infrastructure with intent to switch to IT governance OR currently in similar role
• Expert abilities in Microsoft Office Suite software including Word, Excel, PowerPoint, Visio, MS Project, etc
• Active learner and 'detail-oriented' professional with strong analytical and problem solving skills
• Ability to quickly develop an in-depth working knowledge of the range of organisation activities
• Able to work with staff and managers across all levels

Education Requirements

• Degree in Computer Science/Engineering or Computer Studies or equivalent from reputable university

Our client is a government agency which supports ICT delivery services. This is a leadership role that requires technical proficiency demonstrated in multiple cybersecurity domains.

Responsibilities:

• Lead the agency-level cybersecurity function in supporting agency digital transformation initiatives whilst ensuring digital resilience of agency systems.
• Formulate and implement agency cybersecurity strategies, policies and work plans, ensuring continuous alignment with agency's business strategic goals
• Review and enhance risk management through threat-based risk assessments, risk mitigations, risk monitoring and reporting.
• Provide consultation and endorse risk management and mitigation plans from agency's project teams.
• Govern and enhance the agency's security posture by maintaining visibility and oversight of ICT assets, security architectures, and cybersecurity operations code of practices.
• Develop and maintain incident response plan and playbooks. This involves planning, designing and conduct of security incident response workshops and exercises (table-top exercises, simulation and drills) as well as lead the investigation and management of ICT security incidents.
• Provide advisory and recommendations on appropriate cybersecurity technologies to be deployed that meets agency's business requirements and aligned with WOG-wide advisories and practices.
• Ensure secure by design ICT product development, and that security controls implementations comply with the defined security policies, standards and guidelines.
• Develop and maintain effective cybersecurity awareness and training programmes

Requirements:

• Degree in Computer Science, Information Systems, Engineering or related Technology field
• At least 8-10 years of management experience related to information security and solid grasp of ICT operations, security policies, business processes and the relationship between them.
• Ability to work with multi-functional, multi-disciplined teams to formulate, institute real time awareness of security posture and baseline among end users.
• Good interpersonal and partner/executive leadership skills.
• Demonstrate knowledge and experience in security by design implementations, review of system architecture, devsecops practices, Infrastructure as Code (IaC) tools and securing CI/CD pipelines
• Demonstrate understanding of cloud service models (IaaS, PaaS, SaaS), coupled with a strong understanding of core cloud services and modern cloud-native architectures (serverless, containers, microservices)
• Identify on-premises and cloud-specific cybersecurity risks and threats, demonstrating skills to thoroughly assess their impact and likelihood. This assessment encompasses, but is not limited to, secure configurations, insider threats, vendor risks, data leakage, malwares including ransomware, account hijacking, and compliance risks.
• Evaluate the effectiveness of existing controls and recommending appropriate mitigation strategies for on-premises and cloud-related cybersecurity and data security issues.
• Display understanding of emerging threats and technologies, and the ability to translate risk into business impact
• Strong understanding of compliance requirements and the ability to identify potential violations in on-premises or cloud environments.
• Able to communicate cyber security topics effectively to senior stakeholders.
• Minimally possess CISSP certification, preferably with other related certifications, e.g. CISM, CCSP, GCIH that demonstrates continuous learning and knowledge of industry best practices.
• We believe in being Agile, Bold and Collaborative, and are looking for people who identify with these values.

We are seeking a highly skilled Cybersecurity Expert to join our team.

Roles and Responsibilities

• The ideal candidate will lead the implementation of robust cybersecurity strategies and solutions, safeguarding IT infrastructure, applications, and data across cloud and on-premise environments.
• This role involves working closely with multi-disciplinary teams to implement and operate cybersecurity controls for cloud and on-premise environments, including micro-services, containers, applications, operating systems, databases, and networks.
• The selected candidate will be involved in project work related to IT infrastructure and application security as needed.
• Responsibilities also include supporting the maintenance team in resolving difficult or chronic problems, escalating issues to vendors, identifying root causes, and implementing preventive measures.
• This position requires collaborating with presales teams to provide infrastructure and application security solutioning during bids.
• The successful candidate will design and plan system architecture for new IT infrastructure deployments in both hosted and cloud environments.
• This role also involves working closely with project managers and application development teams to plan implementation tasks.
• The individual will perform initial installation and configuration of new IT infrastructure and security deployments in both hosted and cloud environments.
• Conducting security design reviews with customers is also a key responsibility.
• The chosen candidate will lead security testing and remediation efforts, conduct vulnerability assessments, and deliver application security assessment activities with entities and external suppliers/customers.
• This role involves interpreting security and technical requirements into business requirements and communicating security risks to relevant stakeholders.
• The ideal candidate will collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements.
• This position requires conducting in-depth assessments on applications using SAST, DAST, penetration testing, and red-teaming activities to determine application security posture and potential vulnerabilities.
• The selected candidate will develop and implement server security and hardening.
• This role also involves supporting the monitoring and tuning of detection and security automation tools.
• Automating security controls, data, and processes to provide better metrics and operational support is also a key responsibility.

Requirements

• Must have a bachelor's degree in Computer Science or an IT-related field.
• A minimum of six years of experience in network/systems/application security is required.
• The ideal candidate will have at least five years of experience in vulnerability assessment, penetration testing, and source code reviews of web, mobile, and thick client applications.
• Demonstrated knowledge of networking and IP/TCP protocol is essential.
• Experience working with Windows and other operating systems is beneficial.
• Experience securing virtualization technologies is also valuable.
• Familiarity with firewall technologies and products, including next-generation firewalls and firewall management tools, is necessary.
• The ability to develop custom scripts or tools using programming languages such as Python, Perl, Ruby, PowerShell, C, C#, Java is required.
• In-depth knowledge of network and systems security issues is essential.
• Hands-on experience with security-related tasks such as OS tightening, patching, and updating, virus scanning is beneficial.
• The ideal candidate will have good communication skills and a positive working attitude.
• Relevant certifications such as CISSP/CISA/CISM, CREST, CEH would be advantageous.