367 Chief Information Security Officer jobs in Singapore

Jurong Port’s multipurpose port operating expertise includes efficient handling of general, bulk and containerized cargo, management and operations of the Tuas Offshore Marine Centre, and Lighter Terminals in Penjuru and Marina South. Besides Singapore, Jurong Port is involved in overseas joint ventures in China and Indonesia. In 2016, Jurong Port’s local and overseas terminals handled close to 35 million tons of general and bulk cargo, and 560,000 TEUs of container cargo.

Job Description:

• Identify and evaluate emerging technologies and the cybersecurity risk to the technologies for IT (Information Technology), OT (Operational Technology), Data, AI (Artificial Intelligence) and IoT (Internet-of-Things).
• Provide direction and guidance to the development of enterprise-wide cybersecurity programs which includes for both IT & OT & Data
• Plan and implement the strategy for the deployment of well-known cybersecurity framework, policies and procedures.
• Good understanding on the overall architecture setup (both software & hardware) in the company to determine the measures to be put in placed through a threat informed approach
• Provide guidance on risk assessments and policy deviations
• Evaluate the organization’s cybersecurity risk posture
• Direct strategy for Systems Recovery
• Continuous analysis of the evolving threat landscape and provide strategic direction in enhancing the cybersecurity posture of the organization
• Identify, report and control incident.
• Develop early detection, incident response and escalation framework.
• Regular updates to senior leadership and be aware of the threat landscape
• Evaluation of technologies and processes to support above functions.
• Participate in the global cybersecurity community to monitor threats, share experience and knowledge.
• Lead, motivate and build up the team competency on implementation of projects, analysis of threats and vendor management
• Develop program to ensure staff are equip with the latest knowhow in this fast-evolving field.
• Strategize and provide guidance to develop awareness programme, uplifting the enterprise wide cyber hygiene of all staff.
• Provide direction and guidance to develop Governance framework and programme.
• Interface with JTC/MPA/CSA for all cyber and governance matters.
• Accountable on the due diligence with applicable laws and regulatory requirements and policies.
• Provide guidance to IT project teams on security & governance requirements
• Regular updates to board of directors, senior leadership team and stakeholders though steering committee meeting etc.

Educational Qualifications:

• Degree in Computer Science, Computer Engineering, Electrical Engineering or other relevant field of study.
• Cyber Security related qualifications such as CISA, CISSP, CISM, CRISC, GIAC will be an advantage.

Relevant Experiences:

• Minimum 15 years of relevant working experience
• Minimum 10 years of relevant working experience in managing a highly skilled team.
• Well verse in Security Standards such ISO27001 and NIST etc.
• Good understanding of IT Governance, Project Management and Methodologies
• Good understand of various regulation/laws related to cybersecurity such as Cybersecurity Act 2018 (and CCoP 2.0), Singapore's Personal Data Protection Act (PDPA)
• Well verse in MITRE ATT&CK & D3FEND framework
• Technical hands-on expertise and well verse in Security related products Firewalls, IDS/IPS, AV, IAM, PAM, VMS, WAF, SIEM and PKI are preferred
• Able to explain technical ideas to non-technical audience such as Senior Management and other Internal Stakeholders

Personal Characteristics:

• Inquisitive and keen to learn emerging technology and evolving threats.
• Attention to details.
• Able to work under pressure and handle multiple projects/assignments concurrently.
• Able to make timely decision with limited information/uncertainty
• Good communication and stakeholder management skills
• Highly resourceful individual who possess strong analytical skills
• Excellent interpersonal skills and willingness to perform hands-on technical work
• Able to lead and can be a team player as well.

This position involves partnering with a tech company to oversee their information security efforts.

• Integrate security practices into engineering and deployment processes
• Lead incident detection, response, and overall security monitoring
• Drive compliance efforts and support internal and external audits
• Oversee regular vulnerability assessments and coordinate fixes with technical teams
• Collaborate with third-party vendors and regulatory bodies

• A strong grasp of threat detection, compliance, and risk in highly regulated environments is essential
• Hands-on experience securing both cloud-based and traditional infrastructure is required
• A confident communicator with a proactive, execution-focused mindset is needed
• A proven track record leading security operations in fast-paced, large-scale environments is expected

This role offers the opportunity to work with a well-established company in Singapore.

The selected candidate will be responsible for implementing effective security strategies.

• Identify and evaluate existing security risks, both in-house and on client projects.
• Develop and implement comprehensive cybersecurity policies and procedures.
• Formulate and institute robust policies, procedures, and standards for secure technology utilization.
• Provide Information Security advisory services, focusing on cybersecurity strategy and governance.
• Attend client site meetings, answering clients' risk management and security questions and addressing/reporting security concerns.
• Conduct regular risk assessments to identify and mitigate potential security threats.
• Develop risk management strategies and implement appropriate security measures.
• Lead the organization's incident response efforts, including detection, investigation, and remediation of security incidents.
• Design and implement security architecture for new and existing systems.
• Ensure the security of software development lifecycle (SDLC) and CI/CD processes.
• Collaboratively work with security vendors for incident response and alerts monitoring.
• Identify acceptable levels of residual risk and assist with action plans, policy, and procedural changes for risk mitigation.
• Ensuring audit trails, system logs and other monitoring data sources are reviewed periodically and follow and adhere to regulatory policies.
• Stay up to date on latest security trends and standards, conduct research on security improvements and provide recommendations to clients and stakeholders.
• Proactively manage and report on security findings, ensuring timely communication and follow-up with the client on mitigation or resolution efforts.

Our team is seeking a seasoned professional to lead our security, infrastructure and IT operations. This strategic role requires someone with a deep understanding of cloud infrastructure, information security and technical operations.

The successful candidate will oversee the development and implementation of our security strategy, ensuring compliance with regional regulations and industry standards. They will also be responsible for leading our multi-functional teams across Singapore and Ho Chi Minh City, driving operational excellence and promoting a security-first culture within the organization.

We are looking for someone with 10+ years of experience in information security and cloud infrastructure, with at least 5 years of leadership experience. A strong technical background in cloud-native architecture, containerization, security engineering, identity and access management, big data platforms and DevSecOps is essential. Familiarity with regulated industries such as healthcare, fintech and life sciences is also highly desirable.

Skill Requirements:

• Information Security
• PACS
• Technical Operations
• Big Data
• Identity Management
• Physical Security
• Administration
• ISO 27001
• Clinical Operations
• Reliability
• Security Strategy
• Vendor Management
• SaaS
• HIPAA
• Life Sciences
• Security Awareness

About You:

We are seeking an experienced leader who can drive innovation and excellence in our security and IT operations. If you have a passion for security, technology and teamwork, we encourage you to apply.

As a Chief Information Security Officer, you will be responsible for designing and implementing robust cybersecurity solutions architecture to safeguard the organization's digital assets.

Your primary objective is to ensure the confidentiality, integrity, and availability of sensitive data. To achieve this, you must develop and maintain comprehensive security controls and protocols to prevent cyber threats.

• Develop and implement a robust cybersecurity framework aligned with industry best practices and regulatory requirements.
• Design and implement security measures to safeguard networks, systems, and data from cyber threats.
• Conduct risk assessments and security audits to identify vulnerabilities and recommend remediation measures.
• Integrate security measures into infrastructure design and configuration to support cybersecurity objectives.
• Implement automation and orchestration solutions to enhance cybersecurity agility and resilience.
• Develop and enforce cybersecurity policies, standards, and procedures to ensure compliance with industry regulations and internal requirements.
• Lead and/or support internal and external audits and assessments.
• Point of contact and first responder for all cybersecurity matters.
• Liaison with regulatory agencies to fulfill statutory requirements.
• Provide guidance and support to teams to address compliance gaps and improve security posture.
• Manage vendors to deliver effective cybersecurity solutions.
• Implement advanced threat detection and monitoring tools to detect and respond to security incidents in real-time.
• Develop incident response plans and procedures to mitigate the impact of security breaches and minimize downtime.
• Coordinate with internal teams and external partners to investigate security incidents and implement remediation measures.
• Provide expert advice and support to the organization on security-related issues, including phishing awareness and data protection.
• Evaluate cybersecurity products, technologies, and solutions to determine their suitability for the organization's security requirements.
• Conduct vendor assessments and due diligence to ensure the security and reliability of third-party solutions.
• Collaborate with procurement teams to negotiate contracts and agreements with security vendors.
• Lead cybersecurity projects and programs.
• Manage enterprise security solutions deployed within the organization with the support of the Cybersecurity-CoE.
• Coordinate cybersecurity tabletop exercises and awareness activities.
• Work closely with the Cybersecurity-CoE in rolling out enterprise security solutions on-time.
• Engage and build strong relationships with leaders inside and outside your core product team to collaborate effectively for a designed experience.

Requirements

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field.
• Proven experience in cybersecurity architecture, infrastructure design, and implementation.
• Strong knowledge of cybersecurity principles, standards, and best practices.
• Experience with security technologies such as PAM, IAM, firewalls, intrusion detection/prevention systems, SIEM, endpoint protection, and encryption.
• Certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.
• Proficiency in network and system administration, including experience with cloud platforms (e.g. GCP, AWS, Azure).
• Familiarity with DevSecOps principles and practices.
• Project management skills.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal abilities.
• Highly driven and keen learner.

We are seeking a highly skilled Cyber Security Analyst to join our team. As a key member of the security team, you will be responsible for safeguarding our digital assets by identifying and mitigating potential security risks.

The ideal candidate will be responsible for integrating security practices into engineering and deployment processes, leading incident detection and response efforts, driving compliance initiatives, and overseeing vulnerability assessments.

• Integrate security best practices into all engineering and deployment processes to ensure a robust security posture.
• Lead the organization's incident detection, response, and overall security monitoring efforts to minimize risks and protect sensitive data.
• Develop and implement comprehensive compliance strategies to ensure alignment with regulatory requirements and industry standards.
• Oversee regular vulnerability assessments to identify and remediate potential security threats, collaborating closely with technical teams to drive fixes and improvements.
• Collaborate with third-party vendors and regulatory bodies to ensure seamless communication and cooperation.

• Strong understanding of threat detection, compliance, and risk management in highly regulated environments.
• Hands-on experience securing both cloud-based and traditional infrastructure, including network security, access control, and firewall configurations.
• Excellent communication and interpersonal skills, with the ability to effectively communicate complex technical concepts to non-technical stakeholders.
• Proven track record of leading security operations in fast-paced, large-scale environments, with a focus on proactive risk management and continuous improvement.

Tell employers what skills you have

• Information Security
• Security Operations
• Application Security
• Access Control
• Compliance
• Audits

We are searching for a skilled Information Security Specialist to join our growing team. In this role, you will be responsible for designing, implementing, and monitoring security measures, responding to incidents, and ensuring compliance with industry standards.

This is an exciting opportunity for an experienced Cyber Security professional to work on challenging projects and collaborate with cross-functional teams.

• Implement systems and network security-related projects.
• Collaborate with internal teams and external customers during the deployment.
• Gather business and/or system requirements for information security to plan, design, and implement technical solutions in accordance with specifications and service levels.
• Coordinate and/or manage project deployment tasks, including design, implementation, integration, formal testing, configuration changes, and specification/as-built documentation.
• Work closely with the project manager to coordinate and transit all technical deliverables into the production environment.
• Respond to all system and/or network security breaches.
• Ensure that data and infrastructure are protected by enabling appropriate security controls.
• Participate in the change management process.
• Troubleshoot, test, and identify network and system vulnerabilities.
• Provide expertise to service delivery teams on systems and network security domain.
• Review the scope of work and contribute to the development of the solution architecture.
• Daily administrative tasks, reporting, and communication with relevant departments.

The ideal candidate should possess:

• Bachelor's degree in Computer Science or a related field (or equivalent experience).
• Minimum two years of implementation experience or accreditation from major security products and/or two years of work experience with incident detection, response, and forensics.
• Technical proficiency in systems and network security solutions for enterprise environments.
• Certifications in CISSP or equivalent would be an added advantage.
• Possess knowledge of Risk Management, Disaster Recovery, Business Continuity, and IT Regulatory Compliance.
• Demonstrate experience/knowledge of CyberArk PAM, Exabeam/Splunk SIEM, Microsoft Defender/CrowdStrike solutions would be an added advantage.
• Possess strong analytical and problem-solving skills.
• Driven, motivated, and has initiative.
• Ability to work independently with minimal supervision.
• Good command of written and spoken English.
• Good project coordination skills.

The following skills are highly desirable:

• Information Security
• Troubleshooting
• Regulatory Compliance
• Business Continuity
• Change Management
• Ability To Work Independently
• Cyber Security
• Risk Management
• Solution Architecture
• Project Coordination
• Disaster Recovery
• Vulnerability Assessment
• Network Security
• CISSP
• Service Delivery

• Produce cyber security strategies and work plan, policies, standards and guidelines
• Support digitalisation planning and aligning with ICT security strategy goals and policy baselines.
• Perform regular Gap analysis.
• Oversee ICT security matters (approving and tracking ICT security work plan and resourcing, monitoring performance in security indicators and risk acceptance decisions).
• Regular reviews of all ICT systems across different operating environments, the systems' security design, implementation and operations.
• Conduct Cybersecurity risk assessment and acceptance processes at the management level.
• Review, consult and endorse risk management and mitigation plans from project teams.
• Advise on cyber security solutions and technologies to be deployed suitable to business operations and aligned with WOG-wide advisories and practices.
• Ensure compliance to the defined security policies, standards and guidelines.
• Create and execute end user security awareness programmes
• Establish defined processes for Threat and Incident Management.
• Ownership of security incident response workshops and exercises (table-top exercises, simulation and drills)
• Lead investigation and management of ICT security incidents.

• Degree in Computer Science, Information Systems, Engineering or a related Technology based education.
• Minimum 5 years of information security management experience
• Skilled in evaluating the effectiveness of existing controls and recommending appropriate mitigation strategies for on-premises and cloud-related cybersecurity and data security issues.
• Able to identify on-premises and cloud-specific cybersecurity risks and threats as well as potential violations in on-premises or cloud environments
• Able to collaborate with multi-functional, multi-disciplined teams to formulate, institute real time awareness of security posture and baseline among end users.
• Demonstrate skills to thoroughly assess cybersecurity risks/threats impact
• Solid grasp of ICT operations, security policies, business processes and the relationship between them.
• Knowledge or experience in Infrastructure as Code (IaC) tools such as Terraform and Ansible, including their application in maintaining and automating secure on-premises and cloud environments.
• Strong understanding of insider threats, vendor risks, data leakage, malwares including ransomware, account hijacking, and compliance risks.
• Strong understanding of compliance requirements
• Good interpersonal and partner/ executive leadership skills.
• CISSP/ CISM/ CISA certifications are advantageous.