202 Chief Information Security Officer jobs in Singapore

Headquartered in Singapore, Jurong Port is a leading international multipurpose port operator. Established in 1965, the port initially served Singapore’s Jurong Industrial Estate. Jurong Port has since expanded to serve as Singapore’s main general and bulk cargo gateway.

Description for Internal Candidates

Jurong Port’s multipurpose port operating expertise includes efficient handling of general, bulk and containerized cargo, management and operations of the Tuas Offshore Marine Centre, and Lighter Terminals in Penjuru and Marina South. Besides Singapore, Jurong Port is involved in overseas joint ventures in China and Indonesia. In 2016, Jurong Port’s local and overseas terminals handled close to 35 million tons of general and bulk cargo, and 560,000 TEUs of container cargo.

Job Description:

• Identify and evaluate emerging technologies and the cybersecurity risk to the technologies for IT (Information Technology), OT (Operational Technology), Data, AI (Artificial Intelligence) and IoT (Internet-of-Things).

• Provide direction and guidance to the development of enterprise-wide cybersecurity programs which includes for both IT & OT & Data

• Plan and implement the strategy for the deployment of well-known cybersecurity framework, policies and procedures.

• Good understanding on the overall architecture setup (both software & hardware) in the company to determine the measures to be put in placed through a threat informed approach

• Provide guidance on risk assessments and policy deviations

• Evaluate the organization’s cybersecurity risk posture

• Direct strategy for Systems Recovery

• Continuous analysis of the evolving threat landscape and provide strategic direction in enhancing the cybersecurity posture of the organization

• Identify, report and control incident.

• Develop early detection, incident response and escalation framework.

• Regular updates to senior leadership and be aware of the threat landscape

• Evaluation of technologies and processes to support above functions.

• Participate in the global cybersecurity community to monitor threats, share experience and knowledge.

• Lead, motivate and build up the team competency on implementation of projects, analysis of threats and vendor management

• Develop program to ensure staff are equip with the latest knowhow in this fast-evolving field.

• Strategize and provide guidance to develop awareness programme, uplifting the enterprise wide cyber hygiene of all staff.

• Provide direction and guidance to develop Governance framework and programme.

• Interface with JTC/MPA/CSA for all cyber and governance matters.

• Accountable on the due diligence with applicable laws and regulatory requirements and policies.

• Provide guidance to IT project teams on security & governance requirements

• Regular updates to board of directors, senior leadership team and stakeholders though steering committee meeting etc.

Educational Qualifications:

• Degree in Computer Science, Computer Engineering, Electrical Engineering or other relevant field of study.

• Cyber Security related qualifications such as CISA, CISSP, CISM, CRISC, GIAC will be an advantage.

Relevant Experiences:

• Minimum 15 years of relevant working experience

• Minimum 10 years of relevant working experience in managing a highly skilled team.

• Well verse in Security Standards such ISO27001 and NIST etc.

• Good understanding of IT Governance, Project Management and Methodologies

• Good understand of various regulation/laws related to cybersecurity such as Cybersecurity Act 2018 (and CCoP 2.0), Singapore's Personal Data Protection Act (PDPA)

• Well verse in MITRE ATT&CK & D3FEND framework

• Technical hands-on expertise and well verse in Security related products Firewalls, IDS/IPS, AV, IAM, PAM, VMS, WAF, SIEM and PKI are preferred

• Able to explain technical ideas to non-technical audience such as Senior Management and other Internal Stakeholders

Personal Characteristics:

• Inquisitive and keen to learn emerging technology and evolving threats.

• Attention to details.

• Able to work under pressure and handle multiple projects/assignments concurrently.

• Able to make timely decision with limited information/uncertainty

• Good communication and stakeholder management skills

• Highly resourceful individual who possess strong analytical skills

• Excellent interpersonal skills and willingness to perform hands-on technical work

• Able to lead and can be a team player as well.

Jurong Port’s multipurpose port operating expertise includes efficient handling of general, bulk and containerized cargo, management and operations of the Tuas Offshore Marine Centre, and Lighter Terminals in Penjuru and Marina South. Besides Singapore, Jurong Port is involved in overseas joint ventures in China and Indonesia. In 2016, Jurong Port’s local and overseas terminals handled close to 35 million tons of general and bulk cargo, and 560,000 TEUs of container cargo.

Job Description:

• Identify and evaluate emerging technologies and the cybersecurity risk to the technologies for IT (Information Technology), OT (Operational Technology), Data, AI (Artificial Intelligence) and IoT (Internet-of-Things).
• Provide direction and guidance to the development of enterprise-wide cybersecurity programs which includes for both IT & OT & Data
• Plan and implement the strategy for the deployment of well-known cybersecurity framework, policies and procedures.
• Good understanding on the overall architecture setup (both software & hardware) in the company to determine the measures to be put in placed through a threat informed approach
• Provide guidance on risk assessments and policy deviations
• Evaluate the organization’s cybersecurity risk posture
• Direct strategy for Systems Recovery
• Continuous analysis of the evolving threat landscape and provide strategic direction in enhancing the cybersecurity posture of the organization
• Identify, report and control incident.
• Develop early detection, incident response and escalation framework.
• Regular updates to senior leadership and be aware of the threat landscape
• Evaluation of technologies and processes to support above functions.
• Participate in the global cybersecurity community to monitor threats, share experience and knowledge.
• Lead, motivate and build up the team competency on implementation of projects, analysis of threats and vendor management
• Develop program to ensure staff are equip with the latest knowhow in this fast-evolving field.
• Strategize and provide guidance to develop awareness programme, uplifting the enterprise wide cyber hygiene of all staff.
• Provide direction and guidance to develop Governance framework and programme.
• Interface with JTC/MPA/CSA for all cyber and governance matters.
• Accountable on the due diligence with applicable laws and regulatory requirements and policies.
• Provide guidance to IT project teams on security & governance requirements
• Regular updates to board of directors, senior leadership team and stakeholders though steering committee meeting etc.

Educational Qualifications:

• Degree in Computer Science, Computer Engineering, Electrical Engineering or other relevant field of study.
• Cyber Security related qualifications such as CISA, CISSP, CISM, CRISC, GIAC will be an advantage.

Relevant Experiences:

• Minimum 15 years of relevant working experience
• Minimum 10 years of relevant working experience in managing a highly skilled team.
• Well verse in Security Standards such ISO27001 and NIST etc.
• Good understanding of IT Governance, Project Management and Methodologies
• Good understand of various regulation/laws related to cybersecurity such as Cybersecurity Act 2018 (and CCoP 2.0), Singapore's Personal Data Protection Act (PDPA)
• Well verse in MITRE ATT&CK & D3FEND framework
• Technical hands-on expertise and well verse in Security related products Firewalls, IDS/IPS, AV, IAM, PAM, VMS, WAF, SIEM and PKI are preferred
• Able to explain technical ideas to non-technical audience such as Senior Management and other Internal Stakeholders

Personal Characteristics:

• Inquisitive and keen to learn emerging technology and evolving threats.
• Attention to details.
• Able to work under pressure and handle multiple projects/assignments concurrently.
• Able to make timely decision with limited information/uncertainty
• Good communication and stakeholder management skills
• Highly resourceful individual who possess strong analytical skills
• Excellent interpersonal skills and willingness to perform hands-on technical work
• Able to lead and can be a team player as well.

About Us: YMSLI is a leading provider of IT services and solutions, specializing in delivering cutting-edge technology and digital transformation services to clients across industries.

Job Summary: The Chief Information Security Officer (CISO) is responsible for developing and executing the enterprise-wide information security strategy to safeguard the confidentiality, integrity, and availability of information and IT systems. The CISO will oversee the security of internal systems, client data, infrastructure, applications, and ensure compliance with regulatory and contractual obligations.

Recruiter Details: Yamaha Motor Solutions India

Find Your Perfect Job: Sign-in & get noticed by top recruiters and get hired fast.

GRSee Consulting LTD is seeking an exceptional Virtual Chief Information Security Officer (vCISO) to lead cybersecurity strategy and compliance for select clients. This is a full-time, remote position suitable for someone with both technical expertise and strong communication skills, comfortable guiding executive teams and implementing security frameworks.

Salary: $2,000 - $3,000 USD per month

Language Requirements: Fluent and proficient in English (spoken and written)

Key Personal Qualities: Warm, approachable, engaging, communicative, supportive, open, and collaborative mindset

Required Technical Background: Proven experience in at least one of the following areas: IT operations, Helpdesk support, Penetration testing

Preferred Qualifications: Familiarity with security and privacy compliance frameworks such as ISO 27001, SOC 2, GDPR, CCPA (not mandatory)

Experience & Technical Skills: Minimum 2 years in a relevant technical role

Availability Requirement: Willingness to work full-time within GMT+2 working hours

Job Type: Full-time

Application Questions:

1. Could you explain your familiarity with security and privacy compliance frameworks such as ISO 27001, SOC 2, GDPR, CCPA?
2. Do you have proven experience in IT operations, Helpdesk support, and Penetration testing?
3. How many years of experience do you have as a vCISO (at least 2 years preferred)?
4. Are you willing to work full-time within GMT+2 working hours?
5. What is your expected salary?

Job Tags: cyber security, information security

What the role is:

(What the role is)
GovTech is the lead agency driving Singapore’s Smart Nation initiatives and public sector digital transformation. As the Centre of Excellence for Infocomm Technology and Smart Systems (ICT & SS), GovTech develops the Singapore Government’s capabilities in Data Science & Artificial Intelligence, Application Development, Smart City Technology, Digital Infrastructure, and Cybersecurity.

At GovTech, we offer you a purposeful career to make lives better where we empower our people to master their craft through robust learning and development opportunities all year round.

Play a part in Singapore’s vision to build a Smart Nation and embark on your meaningful journey to build tech for public good. Join us to advance our mission and shape your future with us today!

Learn more about GovTech at tech.gov.sg.

GovTech supports various Government Agencies in carrying out ICT delivery services. The appointment of the Agency Chief Security Information Officers (ACISO) who have familiarity with Cybersecurity Governance, Operations, Engineering and Testing in on-premises and major cloud platforms (e.g., AWS, Azure, and GCP) and their security features, will ensure security is well-considered and uplifted in Agency’s ICT and digitalisation transformation matters.

The ACISO will lead all aspects of the agency’s infocomm security management by planning, refining, recommending and implementing strategies, policies, and globally accepted practices aligned with the regulatory requirements. Are you looking for a leadership role in your next cybersecurity career? If so, then this role provides the driver's seat and a highly visible exposure in cybersecurity management.

(What you will be working on)

Emplaced in public agencies and reporting to the agency’s Chief Information Officer (CIO), you will collaborate with various stakeholders (including Ministry Family CISO (MCISO), GovTech HQ teams, Agency management teams, Agency project teams, and outsourced vendors) and will be responsible to:

• Lead the formulation of cyber security strategies and work plan, policies, standards and guidelines, supporting agency's digitalisation planning and aligning with Ministry Family (MF) strategic goals and policy baselines.
  
• Ensure the formulated Agency ICT security policies remain aligned with Ministry Family’s (MF’s) ICT security strategy goals with regular Gap analysis performed.
  
• Assist Agency management in overseeing ICT security matters, such as approving and tracking ICT security work plan and resourcing, monitoring performance in security indicators and risk acceptance decisions.
  
• Govern the security posture of the Agency by maintaining a full visibility of all ICT systems (Assets) across different operating environments, the systems’ security design, implementation and operations through regular reviews.
  
• Implement Cybersecurity risk assessment and acceptance processes at the management level. Review, provide consultation and endorse risk management and mitigation plans from agency’s project teams.
  
• Provide advisory and consultancy on the appropriate cyber security solutions and technologies to be deployed suitable to agency’s business operations and aligned with WOG-wide advisories and practices.
  
• Ensure the Agencies’ secure ICT development life cycle is complying to the security policies, and the security controls implementations are complying to the defined security policies, standards and guidelines.
  
• Design and implement end user security awareness programmes and establish defined processes for Threat and Incident Management.
  
• Plan, design and conduct security incident response workshops and exercises (table-top exercises, simulation and drills) and lead the investigation and management of ICT security incidents.

• Degree in Computer Science, Information Systems, Engineering or a related Technology based education. Good interpersonal and partner/ executive leadership skills.
  
• Ability to work with multi-functional, multi-disciplined teams to formulate, institute real time awareness of security posture and baseline among end users.
  
• Possess knowledge or experience in Infrastructure as Code (IaC) tools such as Terraform and Ansible, including their application in maintaining and automating secure on-premises and cloud environments.
  
• Identify on-premises and cloud-specific cybersecurity risks and threats, demonstrate skills to thoroughly assess their impact and likelihood. This assessment encompasses, but is not limited to, insider threats, vendor risks, data leakage, malwares including ransomware, account hijacking, and compliance risks.
  
• Display competence in evaluating the effectiveness of existing controls and recommending appropriate mitigation strategies for on-premises and cloud-related cybersecurity and data security issues.
  
• Exhibit a strong understanding of compliance requirements and the ability to identify potential violations in on-premises or cloud environments.
  
• At least 5-8 years of management experience related to information security and solid grasp of ICT operations, security policies, business processes and the relationship between them.
  
• Certifications are encouraged and demonstrate continuous learning and intake of standard methodologies applicable for this role. E.g., CISSP/ CISM/ CISA certifications.
  
• We believe in being Agile, Bold and Collaborative, and are looking for people who identify with these values.
  
• Singaporeans only.

GovTech is an equal opportunity employer committed to fostering an inclusive workplace that values diverse voices and perspectives, as we believe it is key to innovation.

Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks.

We champion flexible work arrangements (subject to your job role) and trust you to manage your time to deliver your best.

Learn more about life inside GovTech at go.gov.sg/GovTechCareers.

(What we are looking for)

About Government Technology Agency

The Government Technology Agency (GovTech) is the lead agency driving Singapore’s Smart Nation initiatives and public sector digital transformation. As the Centre of Excellence for Infocomm Technology and Smart Systems (ICT & SS), GovTech develops the Singapore Government’s capabilities in Data Science & Artificial Intelligence, Application Development, Smart City Technology, Digital Infrastructure, and Cybersecurity.At GovTech, we offer you a purposeful career to make lives better. We empower our people to master their craft through continuous and robust learning and development opportunities all year round. Our GovTechies embody our Agile, Bold and Collaborative values to deliver impactful solutions.GovTech aims to transform the delivery of Government digital services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do.Play a part in Singapore’s vision to build a Smart Nation and embark on your meaningful journey to build tech for public good. Join us to advance our mission and shape your future with us today!Learn more about GovTech at tech.gov.sg.

Job Description

You will be a member of the Group Information Security Team responsible for responding to threats and incidents to the corporate networks, systems (on-prem and cloud), and digital assets.

Key Responsibilities:

•Perform security monitoring and incident response activities across the scoot networks, leveraging a variety of tools and techniques.

•Manage Security Operations center.

•Detect incidents through proactive “hunting” across security-relevant data sets.

•Ability to correlate multiple events from different devices to identify abnormal behaviour

•Document incident response analysis activities thoroughly

•Develop new, repeatable methods for finding malicious activities

•Provide recommendations to enhance detection and protection capabilities.

•Effectively present technical topics to both technical and non-technical audiences

•Develop and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of information security incidents

•Prioritize multiple high-priority tasks and formulate responses/recommendations in a fast-paced environment

•Prepare documentation for security technical standards, standard operational procedures, and hardening standards.

•Analyse endpoint, network, and application logs

•Assist other IT teams in security-related issues

•Engage with vendors and parent company SIA team members for security reviews.

Requirements:

•Degree in Computer Engineering, Computer Science, Information Systems, or equivalent qualification.

•At least 5-6 years of experience in Cybersecurity Incident and Security Operations.

•Demonstrate experience in Information Security with a focus on Cyber Security Operations, Incident Response and Detection.

•Experience working in the Security Operations Centre and/or Computer Incident Response Team.

•Excellent problem-solving skills combined with hands-on experience doing root cause analysis and post-incident reviews.

•Solid knowledge of computer networks and common protocols

•Knowledge of prominent cyber threat actors and APT groups.

•Experience with Threat Intelligence Platforms.

•Experience with SIEM (especially Splunk).

•Professional security related qualifications (i.e. GCIA, CISSP etc) will be an advantage

•Preferred certifications: CISSP, CISM, CISA, ISMS, TOGAF, SABS

•Good interpersonal skills

6 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Randstad Singapore

• Decision Making / Designing of Security roadmap
  
• Heavy investments in security and strong support from business stakeholders
  

• Decision Making / Designing of Security roadmap
  
• Heavy investments in security and strong support from business stakeholders
  

• Designing and leading the cyber security strategy. This includes Prevention (Firewall, DLP and etc) ,Threat Detection (internal sensors in place such as IDS, SIEM and etc) and response (Incidence response).
  
• Providing advisory and solutioning on new security threats and vulnerabilities. This includes vulnerability assessments and conducting security reviews of IT systems, network and core applications.
  
• Enhancing early detection capability - This is through leveraging internal security data (Performing analysis of forensic evidence, log data, compromised hosts, and network traffic) and external sources (Industry portals and etc) to identify existing gaps in security control and close the gaps.
  
• Conducting information security incident investigations, and propose corrective and preventive measures.
  
• Leading a Cyber security (external partners) team to manage end-to-end process across Cyber Security, IT Governance and IT Risk
  
• Overseeing the development and execution of corporate security awareness and training programs
  
• Designing IT Security framework to ensure the availability, integrity and confidentiality of IT systems
  
• Reviewing the security roadmap, ensuring that the strategy is in line with the current cyber security landscape
  
• Monitoring compliance, keep abreast of legislative and regulatory trends to address potential impact and non-compliance/gaps
  
• Designing processes to identify, improve and optimize IT risk management policies/practices. (Company is undergoing major IT implementation and system upgrades which will create new potential IT risk to the company)
  

• Seniority level Director

• Employment type Full-time

• Job function Information Technology
• Industries Technology, Information and Internet and Technology, Information and Media

Referrals increase your chances of interviewing at Randstad Singapore by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

To apply, It will be great if you could share your CV to . Alternatively, you can apply at

• Decision Making / Designing of Security roadmap
• Heavy investments in security and strong support from business stakeholders

About the company

Our client is a multi billion company who is a market leader (Close to 20 years of experience) within their area of specialization. As part of their plan to invest in technology, they are now hiring Head of Security & Information Security to be based here in Singapore.

About the job

Your responsibility includes:

• Designing and leading the cyber security strategy. This includes Prevention (Firewall, DLP and etc) ,Threat Detection (internal sensors in place such as IDS, SIEM and etc) and response (Incidence response).
• Providing advisory and solutioning on new security threats and vulnerabilities. This includes vulnerability assessments and conducting security reviews of IT systems, network and core applications.
• Enhancing early detection capability – This is through leveraging internal security data (Performing analysis of forensic evidence, log data, compromised hosts, and network traffic) and external sources (Industry portals and etc) to identify existing gaps in security control and close the gaps.
• Conducting information security incident investigations, and propose corrective and preventive measures.
• Leading a Cyber security (external partners) team to manage end-to-end process across Cyber Security, IT Governance and IT Risk
• Overseeing the development and execution of corporate security awareness and training programs
• Designing IT Security framework to ensure the availability, integrity and confidentiality of IT systems
• Reviewing the security roadmap, ensuring that the strategy is in line with the current cyber security landscape
• Monitoring compliance, keep abreast of legislative and regulatory trends to address potential impact and non-compliance/gaps
• Designing processes to identify, improve and optimize IT risk management policies/practices. (Company is undergoing major IT implementation and system upgrades which will create new potential IT risk to the company)

Skills and experience required

As a successful applicant, You should have at least 8 years of experience in Cyber Security across prevention, detection, response. At least 3 years of experience as an overall head of IT security and GRC. Proven track record of managing a lean security team with a large base of external vendors will be highly preferred. Proven track record of engagement with C-level business stakeholder is required.

Candidates with technical hands in both cyber security and information security will be highly preferred

Whats on offer

This position is a great opportunity to join a commercial client with leadership responsibilities across Cyber Security and GRC. You will be empowered with key decision making authority with exposure to senior business stakeholders.

To apply, It will be great if you could share your CV to . Alternatively, you can apply at (EA: 94C3609/ R1219669)