81 Cism jobs in Singapore

XTX Markets is a leading algorithmic trading firm which uses state-of-the-art machine learning technology to produce price forecasts for over 50,000 financial instruments across equities, fixed income, currencies, commodities and crypto. It uses those forecasts to trade on exchanges and alternative trading venues, and to offer differentiated liquidity directly to clients worldwide. The firm trades over $250bn a day across 35 countries and has over 250 employees based in London, Singapore, New York, Paris, Bristol, Mumbai, Yerevan and Kajaani.

We leverage the talent of the people who work here, modern computational techniques and state-of-the-art research infrastructure to analyse large data sets across markets quickly and efficiently, to maximize the effectiveness of our proprietary trading algorithms. We are actively seeking new methods and ideas. The models that drive our trading strategies have evolved considerably over the last 10 years, from econometric methods that gave our company its name, to trees, to neural networks, to modern deep learning architectures.

XTX Markets has an unrivalled level of computational resources in the trading industry, with a growing research cluster currently containing over 25,000 GPUs with 650 petabytes of usable storage. Teams across the firm include world-class researchers with backgrounds in pure math, programming, physics, computer science and machine learning. The firm is also constructing a large-scale data centre in Finland to future-proof its significant computational capabilities.

At XTX Markets technology is our business and we are a diverse organization which attracts outstanding talent from across all industry backgrounds. We are focused on teamwork and our people collaborate on all aspects of the business, working openly and with respect for each other, our clients and the market. Our culture is non-hierarchical and one where everyone is valued. We strive for excellence in everything we do.

The Team

The Information Security team at XTX Markets are accountable for all aspects of the firm’s physical and IT security. From obtaining and transforming events and signals into actionable intelligence to helping design and implement authentication/authorisation systems, alongside third-party risk assessment and global regulatory compliance. This role is based in our Singapore office, and you will work closely with the Risk and Information Security teams in our London HQ.

The Role

As our first Information Security Analyst, you’ll work to ensure that XTX Markets’ data and infrastructure meet – and, where appropriate, exceed – the requirements of global regulators and auditors.

You will:

• Develop and automate compliance workflows (detection, analysis, business justifications, evidence-gathering).
• Liaise with external auditors to resolve findings and document compensating controls.
• Manage third-party/vendor risk assessments and ongoing security reviews.

You’ll also have opportunities to contribute across the security function: improving our vulnerability-management program, enhancing our detection framework, and helping triage and respond to security alerts. You will actively collaborate with a range of stakeholders within the firm.

• 3+ years in Information Security, with a focus on audit/compliance.
• Programming/scripting skills (e.g. Python, PowerShell) particularly for automating repeatable tasks.
• Strong written and verbal communication skills.
• Rapid learner with outstanding attention to detail.
• Self-starter: able to work autonomously, prioritise tasks, and admit mistakes.
• Able to write clear, succinct business justifications and technical documentation.
• Hands-on proficiency with vulnerability management/compliance platforms (e.g. Tenable Nessus).
• Familiarity with Indian information-security regulations and audit practices (SEBI, NSE, etc.)
• An academic foundation in computer science or a related subject would be beneficial.

Seniority level

• Seniority level Associate

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Financial Services and Capital Markets

Referrals increase your chances of interviewing at XTX Markets by 2x

Get notified about new Information Security Analyst jobs in Singapore, Singapore .

Technology & Cyber Security Risk Analyst IT Compliance & Cybersecurity Analyst - Financial Service IT Compliance & Cybersecurity Analyst, Financial Service (Campus Recruitment 2025) (Senior) Cyber Security Consultant & Penetration Tester Offensive Security Engineer (Red Team) - Information Security Information Security Analyst / IT Support Engineer Information Technology - Cyber Security Lead Engineer Cyber Security Analyst - Intern #GeneralInternship Information Technology Security Engineer Security Incident Management Analyst - AVP - SINGAPORE

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

XTX Markets is a leading algorithmic trading firm which uses state-of-the-art machine learning technology to produce price forecasts for over 50,000 financial instruments across equities, fixed income, currencies, commodities and crypto. It uses those forecasts to trade on exchanges and alternative trading venues, and to offer differentiated liquidity directly to clients worldwide. The firm trades over $250bn a day across 35 countries and has over 250 employees based in London, Singapore, New York, Paris, Bristol, Mumbai, Yerevan and Kajaani.

We leverage the talent of the people who work here, modern computational techniques and state-of-the-art research infrastructure to analyse large data sets across markets quickly and efficiently, to maximize the effectiveness of our proprietary trading algorithms. We are actively seeking new methods and ideas. The models that drive our trading strategies have evolved considerably over the last 10 years, from econometric methods that gave our company its name, to trees, to neural networks, to modern deep learning architectures.

XTX Markets has an unrivalled level of computational resources in the trading industry, with a growing research cluster currently containing over 25,000 GPUs with 650 petabytes of usable storage. Teams across the firm include world-class researchers with backgrounds in pure math, programming, physics, computer science and machine learning. The firm is also constructing a large-scale data centre in Finland to future-proof its significant computational capabilities.

At XTX Markets technology is our business and we are a diverse organization which attracts outstanding talent from across all industry backgrounds. We are focused on teamwork and our people collaborate on all aspects of the business, working openly and with respect for each other, our clients and the market. Our culture is non-hierarchical and one where everyone is valued. We strive for excellence in everything we do.

The Team

The Information Security team at XTX Markets are accountable for all aspects of the firm’s physical and IT security. From obtaining and transforming events and signals into actionable intelligence to helping design and implement authentication/authorisation systems, alongside third-party risk assessment and global regulatory compliance. This role is based in our Singapore office, and you will work closely with the Risk and Information Security teams in our London HQ.

The Role

As our first Information Security Analyst, you’ll work to ensure that XTX Markets’ data and infrastructure meet – and, where appropriate, exceed – the requirements of global regulators and auditors.

You will:

• Develop and automate compliance workflows (detection, analysis, business justifications, evidence-gathering).
• Liaise with external auditors to resolve findings and document compensating controls.
• Manage third-party/vendor risk assessments and ongoing security reviews.

You’ll also have opportunities to contribute across the security function: improving our vulnerability-management program, enhancing our detection framework, and helping triage and respond to security alerts. You will actively collaborate with a range of stakeholders within the firm.

• 3+ years in Information Security, with a focus on audit/compliance.
• Programming/scripting skills (e.g. Python, PowerShell) particularly for automating repeatable tasks.
• Strong written and verbal communication skills.
• Rapid learner with outstanding attention to detail.
• Self-starter: able to work autonomously, prioritise tasks, and admit mistakes.
• Able to write clear, succinct business justifications and technical documentation.
• Hands-on proficiency with vulnerability management/compliance platforms (e.g. Tenable Nessus).
• Familiarity with Indian information-security regulations and audit practices (SEBI, NSE, etc.)
• An academic foundation in computer science or a related subject would be beneficial.

Apply for this job

*

indicates a required field

First Name *

Last Name *

Preferred First Name

Email *

Phone

Resume/CV

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Website

Please indicate what right to work you have in Singapore. * Select.

#J-18808-Ljbffr

SVP/VP - Information Security/ Cybersecurity, Technology Risk Manager, Tech COO, Group Technology SVP/VP - Information Security/ Cybersecurity, Technology Risk Manager, Tech COO, Group Technology

SVP/VP - Information Security/ Cybersecurity, Technology Risk Manager, Tech COO, Group Technology

Job Summary

• Technology is key to enabling the DBS vision of being the leading bank in Asia. To meet the challenges arising from the ever-evolving technological advancements and increasing sophistication and demands of customers, there is a need for deft Technology Risk Managers to ensure robust risk governance.
• As a member of the Technology Risk Management team, you will oversee a global portfolio of technology risk management activities (includes participating in any technology risk management related initiatives), with a focus on:
  • Targeted Risk Reviews
  • Policy/Standard/Guide enforcement validation
  • Thematic risk analysis for IT risks
• This role ensures that DBS Bank's technology risk framework aligns with global regulatory requirements (MAS, HKMA, RBI, GDPR, etc.)and industry best practices (NIST, ISO 27001, COBIT), and internal policies while identifying vulnerabilities and recommending mitigation strategies.
• The position requires a strategic leader who can identify systemic risks, drive audit remediation, and enhance governance across all regions where DBS operates.

Job Duties & Responsibilities

• Accountable for managing internal and external reviews/audits from audit planning (such as request for information (RFI), opening meeting, etc.), fieldwork (such as RFI, issue discussion, etc.), to reporting and closing meeting.
• Responsible for monitoring and validating the closure of management actions, arising from internal and external reviews/audits, including regulator inspection reviews.
• Perform review of new / revised processes, provide risk opinion and ensure proper approvals and documentations.
• Collaborate with the different technology teams to conduct post implementation review of new / revised processes to provide assurance.
• Prepare and develop technology risk insights (such as IT audit thematic and trend analysis) to be presented at forums (such as technology risk forums, etc.).
• Engage and collaborate with technology stakeholders to proactively identify risks at a detailed and technical level and ensure that IT is effectively driving remediation activities and to continuously improve IT risk posture.
• Stay ahead of cyber threats, regulatory changes, and digital banking risks.
• Drive automation (e.g., data analytics, AI/ML) for continuous auditing.
• Provide risk assessment and advisory as required:
  • Evaluate the effectiveness of IT risk governance, security policies, and control frameworks.
  • Assess cyber resilience, red-team exercises, and penetration testing outcomes.
  • Provide actionable recommendations to senior management for risk mitigation.
• Manage technology risk initiatives and perform targeted reviews focusing on, but not limited to, the following domain areas:
  • Cybersecurity controls (e.g., network security, endpoint protection, cloud security, IAM, encryption)
  • Regulatory compliance (MAS, GDPR, RBI, HKMA, etc.)
  • Third-party/vendor risk management
  • Incident response & threat intelligence capabilities
  • Emerging risks (AI, fintech, API security)

Required Qualifications & Experience

Required Experience

• At least 12 years (SVP) / 8 years (VP)in technology risk management, IT audit, or cybersecurity governance, preferably in global banking/financial services.
• Deep expertise in:
  • Regulatory frameworks (MAS TRM, Basel III, GDPR, SOX-ITGC)
  • Cloud security (AWS, Azure, GCP) and DevSecOps controls
  • Third-party & supply chain risk management
  • Data analytics for risk monitoring (Excel, Power BI, Tableau, SIEM tools)
• Proven track record in leading global risk programs and managing cross-regional stakeholders.
• Demonstrated experience in Identifying, assessing and advising on technology risks.
• Excellent organizational, problem solving, interpersonal and operating skills to effectively drive the IT Risk agenda with IT functions.
• Strong communication skills at all levels -- able to effectively communicate with IT and senior management, as well as line staff to drive IT risk mitigation initiatives and other IT risk management related areas.
• Ability to leverage on data analytics to present trends, explain complex issues in a presentable and logical manner
• Experience in driving IT risk management in digital age, leveraging Gen AI and Machine Learning tools, a plus.
• Knowledge of Information Security, System Resiliency & Availability & Software development practices and frameworks and regulatory requirements preferred.
• Good technical competencies and exposure to IT application or infrastructure development, support and management.
• Demonstrated experience of leveraging data and analytics to get stakeholder buy-in is a plus.

Soft Skills:

• Strong executive communication(for Technology EXCO-level reporting).
• Ability to translate technical risks into business impact.
• Leadership in driving cultural change toward risk awareness.

Education & Certifications:

• Bachelor's/Master's in Cybersecurity, IT Risk, Computer Science, or related field.
• Certifications (Required):CISA, CISSP, CRISC, CISM, or equivalent .
• Preferred:ISO 27001 Lead Auditor, AWS/Azure Security, CCSP.

-en

We would like to remind you that eFinancialCareers is a job board and does not conduct hiring or ask for payment or any financial details as part of the job application process.

If you receive any suspicious messages claiming to be from us or a hiring company, we urge you not to click on any links and not to reply to the message itself.

Instead, please report the message to our support team at .

It is advisable to always verify job offers directly with the hiring company.

Boost your career Find thousands of job opportunities by signing up to eFinancialCareers today.

#J-18808-Ljbffr

Analyst, Information Security

2 months ago Be among the first 25 applicants

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

Main Purpose of the Role:

This role is the first line of defence in managing cyber and information risks, ensuring a consistent approach across the organisation. You will be responsible for developing, implementing, and managing systems, policies, standards, and procedures to protect the organisation's physical and electronic information assets. As the IT representative in Singapore, you will serve as the first point of contact between end users and the regional team.

• First line of defence against cyber and information risks
• Develops and manages security systems, policies, standards, and procedures
• Serves as IT representative in Singapore
  
  

Key Responsibilities:

As an Analyst in Information Security, your role will be multifaceted. You will ensure that our client's information risk controls align with international standards. Your responsibilities will include monitoring cyber-security events, investigating security incidents, managing security tools, conducting user awareness training, assisting in managing the regional information security risk profile, coordinating audit activities, business continuity management activities, and providing user support. Your expertise in these areas will be crucial to maintaining the integrity of our client's information assets.

• Ensure alignment with ISO27002 Information Security Standards
• Monitor and respond to cyber-security events
• Investigate security incidents and contain/mitigate risks
• Manage security tools such as vulnerability scanners, web security, malware protection etc.
• Conduct User Awareness Training to improve employee awareness of Cyber Threats
• Assist in managing regional information security risk profile
• Coordinate internal and external audit activities for information security
• Coordinate Business Continuity Management activities
• Provide 1st tier user support in Singapore office
  
  

Skills and Experience:

The ideal candidate for this Information Security Analyst role brings a wealth of skills and experience to the table. With a minimum degree in the IT field and 1-3 years' experience in SOC or Cyber Security related fields from investment bank or financial service institutions. Professional qualifications such as CISSP, CEH, CISP, CISA are highly desirable. Familiarity with various technologies including Unix, Windows, Database systems is a must. Practical experience in implementing and operating security solutions is crucial. A good working knowledge of PC, VDI, Network, Telephone system troubleshooting and support will be beneficial.

• Minimum Degree in the IT field
• 1-3 years experience in SOC or Cyber Security related fields from investment bank or financial service institutions
• Professional qualifications: CISSP, CEH, CISP, CISA, CISM, GWAPT, OSCP or other security related qualifications would be an advantage
• Familiarity with security control for technologies: Unix, Windows, Database, Firewall, Router, mobile technologies etc.
• Practical experience in implementation and operation of security solutions such as Endpoint Protection, Network Detection etc.
• Good working knowledge of PC, VDI, Network, Telephone system troubleshooting and support
• Excellent communication skills in both oral and written English;
• Independent, flexible, self-starter possessing intellectual curiosity;
• Occasional outside business hours work is expected including weekends
• Effective time management, prioritization, interpersonal and communication skills are essential
  
  

We regret to inform that only shortlisted applicants will be notified.

Mitsubishi UFJ Financial Group (MUFG) is an equal opportunity employer. We view our employees as our key assets as they are fundamental to our long-term growth and success. MUFG is committed to hiring based on merit and organsational fit, regardless of race, religion or gender.

Seniority level

• Seniority level Entry level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Financial Services and Banking

Referrals increase your chances of interviewing at MUFG by 2x

Get notified about new Information Security Analyst jobs in Marina East, Central Singapore Community Development Council, Singapore .

Technology & Cyber Security Risk Analyst Information Security Analyst / IT Support Engineer IT Compliance & Cybersecurity Analyst - Financial Service IT Compliance & Cybersecurity Analyst, Financial Service (Campus Recruitment 2025) (Senior) Cyber Security Consultant & Penetration Tester Director, Security of Information & Analysis, APAC Information Technology - Cyber Security Analyst (Scoot) CYBER SECURITY SOC ANALYST (24/7 SHIFT ROTATION) Information Technology - Cyber Security Engineer (Threat Management and Incident Response) (Scoot) Information Technology Security Engineer Information Technology - Cyber Security Lead Engineer Information Technology Security Engineer Offensive Security Engineer (Red Team) - Information Security Cyber Security Analyst - Intern #GeneralInternship

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Join to apply for the Information Security Engineer role at Manpower Singapore

2 days ago Be among the first 25 applicants

Join to apply for the Information Security Engineer role at Manpower Singapore

Information Security Engineer, Vulnerability Management and Operation

We are seeking an exceptional Security Engineer to support our vulnerability management program. This is a technical, operation-oriented, and hands-on role in a dynamic and fast-paced environment.

You'll work with various applications and systems to manage vulnerabilities, follow up with different teams, drive remediation, and improve current processes.

Description

• You will join a team that stays up to date on emerging security vulnerabilities and threats, maintains composure in crises, and advocates for improving product and service security.
• You need a good technical background and a strong interest in network, system, and web security.
• The role requires excellent communication skills to collaborate effectively with diverse teams. Responsibilities include:
• Working cross-functionally to identify and assess vulnerabilities, guiding teams through the remediation lifecycle with a focus on timely resolution and outcome-driven communication.
• Using programming to analyze large data dumps related to systems and applications to extract key information for vulnerability impact analysis.

Key Qualifications

• BSc in Computer Science, Information Technology, Information Security, or related field
• At least 3 years of experience in information security or related field
• Self-starter with flexibility to work remotely and support a global team
• Ability to manage multiple activities concurrently
• Passionate about data security
• Experience with vulnerability scanning tools like Tenable, Qualys, etc.
• Familiarity with common security vulnerabilities and their severity assessment
• Ability to analyze vulnerabilities and provide remediation guidance
• Independent in supporting and driving vulnerability remediation
• Continuous improvement mindset and automation skills
• Ability to run proof of concept for known vulnerabilities
• Understanding of IPv4 and IPv6 networks
• Proficiency in programming languages such as Python, Go, Rust, or Bash scripting
• Excellent critical thinking skills
• Problem-solving skills related to logic and algorithms
• Experience with SQL and Linux
• Experience with penetration testing
• Knowledge of the security research community

Note: Your response to this advertisement and communications will constitute informed consent for the collection, use, and disclosure of personal data by ManpowerGroup Singapore, in accordance with the Personal Data Protection Act 2012. For more information, visit ManpowerGroup's Privacy Policy .

#J-18808-Ljbffr

Job Overview: We are looking for a highly motivated and technically skilled fresher to join our IT team as an Information Security Analyst / IT Support Engineer. This role is perfect for someone who possesses strong foundational knowledge in IT, cybersecurity, digital currencies, and decentralized technologies. As an Analyst, you will be the first line of defense in monitoring, detecting, and responding to security threats. Additionally, you will support daily IT activities.

Key Responsibilities: Endpoint Security and Device Management:

• Perform regular checks and updates of endpoint security device management solutions, including antivirus, SSO, and security tools.
• Ensure all systems are compliant with organizational security standards by implementing patches and updates as required.
• Monitor antivirus dashboards, flagging and resolving issues related to malware, viruses, and suspicious activities.
• Assist in deploying and configuring endpoint security software on new devices, ensuring they adhere to the security policy.

Security Incident Management:

• Serve as the initial point of contact for security-related incidents like suspicious emails.
• Follow defined incident management processes to ensure efficient resolution of issues.
• Work with internal teams to identify the root cause of security incidents and implement remediation actions.
• Provide accurate, clear, and concise updates to stakeholders regarding the status of ongoing incidents and resolutions.

Skills and Qualifications: Technical Knowledge:

• Basic understanding of cybersecurity concepts and technologies (firewalls, VPNs, SIEM, IDS/IPS).
• Familiarity with endpoint security tools such as antivirus software, firewalls, and intrusion detection systems.
• Knowledge of decentralized technologies such as blockchain, cryptocurrency wallets, and smart contracts.
• Experience with basic network troubleshooting, system administration, and IT infrastructure maintenance.
• Knowledge of operating systems, including Windows, Linux, and macOS.

Analytical and Problem-Solving Skills:

• Ability to analyze logs, alerts, and network traffic to identify suspicious behavior.
• Strong attention to detail when investigating potential security incidents.
• Ability to solve IT-related problems and troubleshoot technical issues quickly and effectively.

Communication and Collaboration:

• Strong written and verbal communication skills, especially for preparing incident reports and documenting security events.
• Ability to work in a team-oriented environment and collaborate with senior IT professionals and other departments.
• Provide user-friendly technical support and guidance to employees and customers.

Learning Attitude:

• Willingness to learn and adapt to new tools, technologies, and processes in a fast-paced environment.
• A proactive attitude towards improving your skills and participating in internal and external training sessions.

Education and Experience:

• Minimum 5 years of relevant experience
• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.
• Industry-recognized certifications (even entry-level) such as CISSP, CompTIA Network, CEH (Certified Ethical Hacker), or Certified SOC etc. are a plus.

About Our Team:
The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients', our revenue, our employees and our proprietary data. We manage information security as one end-to end program - one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm and is deeply integrated into the sectors and functions.
The Security Incident Management Analyst is an intermediate level position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.
Citigroup's Security Operations Center is seeking a highly skilled Security Incident Management Analyst to support critical efforts aimed at protecting Citigroup's infrastructure, assets, clients and stakeholders. This is a demanding role with enterprise-wide exposure and responsibility. You will serve both as a subject matter expert and as an ambassador for the security incident management team. You will be assigned to the Security Incident Management Team, and will collaborate closely with a talented cadre of security specialists as they respond to data breaches and other security incidents that impact Citigroup. Your observations and recommendations will impact security decisions across the organization, and play an important part in maturing Citigroup's defense-in-depth cyber operations.
**Responsibilities**
As a Security Incident Management Analyst, your primary responsibility is to manage risk throughout the security incident lifecycle. Related activities include, but are not limited to:
+ Work as part of a best in class 'follow the sun' security incident response team.
+ Lead and manage incident response activities to ensure that requisite triage, containment, and eradication are completed within targeted timeframes.
+ Ensure that the security incident record is complete, accurate and fit for purpose.
+ Collect and analyze evidence including investigative findings and prepare to coordinate with internal and external compliance and audit personnel.
+ Execute incident response meetings and communicate complex security topics; exhibit good judgment and discretion when initiating escalations to all levels of the organization.
+ Ensure that controls are utilized daily and that non-compliance remediation is addressed by appropriate selection.
+ Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts.
+ Assist with defining and implementing information security standards to align procedures and practices in pursuit of compliance with Citigroup standards.
+ Validate compliance with information security policies, practices, and procedures, and resolve a variety of information security related issues in coordination with the relevant business(es).
+ Assume both informal and formal mentorship roles within the team, and assist with coaching and training of new team members.
+ Act as an authority for cyber security incidents, with the ability to reliably identify and escalate threats with appropriate urgency.
+ Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
**Qualifications**
+ Stay current with the evolving landscape of cyber threat activities and cybersecurity best practices
+ Work independently with minimal oversight
+ Adapt to changing requirements in a fast paced environment
+ Multitask and meet deadlines despite competing priorities
+ Navigate operational impediments in order to complete time sensitive tasks
+ Identify and document any opportunities for process improvement
+ Be a reliable team player.
+ Practice mutual respect at all times
+ Establish trust and build strong partnerships
+ Resolve conflict in a constructive manner and use as an opportunity to develop team unity
+ Prioritize collective success ahead of individual ambition
+ Strong communicator.
+ Establish clear narratives to describe observations, ideas and recommendations
+ Motivate colleagues and partners to cooperate and support as needed
+ Exert influence, both verbally and in writing, through all levels of the organization
**Requirements**
+ Relevant professional certifications issued by GIAC, AWS, etc., preferably GCCC, GCIH, CEH, ECSA.
+ General Industry knowledge of reporting obligations pertaining to local and national laws and regulatory bodies such as OCC, SEC, ECB, MAS
+ Working knowledge of common security models (Defense-in-Depth) and frameworks (MITRE Attack, Cyber Kill Chain, STIX)
+ Working knowledge of VERIS taxonomy
+ Working knowledge of OSI model
+ Working knowledge of security and/or incident response in cloud environments
+ Working knowledge of software development best practices, including agile methods
+ Familiar with Atlassian tools
+ Previous experience working in highly regulated environment
+ Previous experience in a fusion center and/or exposure to large scale incident response
+ Prior experience with information technology and/or information security in the financial services industry
+ Prior experience with cloud environments (e.g. AWS, GCP, Azure)
+ Working knowledge of how computer applications, systems, and networks are managed and secured.
+ Working knowledge of common security threats and vulnerabilities, attack vectors, and adversary tactics, techniques, and procedures (TTP's)
+ Proficient threat intelligence supported by a clear understanding of Cyber Adversarial levels , their motives and capabilities.
+ Must have flexibility to work outside of normal business hours when necessary
**Education and Experience**
+ Bachelor's degree in Computer Science, Computer Engineering, Information Security, Digital Forensics Sciences, or other IT related field however Master's is preferred.
+ 5+ years of professional experience in cybersecurity and/or information security, or demonstrated equivalent capability
+ Previous experience with cyber investigations and/or incident response
+ Working Knowledge of CIS Top 18, NIST 800-53 and NIST 800-61
+ Proven experience of enterprise wide stakeholder interaction and management
---
**Job Family Group:**
Technology
---
**Job Family:**
Information Security
---
**Time Type:**
Full time
---
_Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law._
_If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review_ _Accessibility at Citi ( _._
_View Citi's_ _EEO Policy Statement ( _and the_ _Know Your Rights ( _poster._
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.

Founded by Changpeng Zhao (CZ) in 2017, Binance is currently the largest cryptocurrency exchange in terms of daily volume. Binance is the core global exchange. However, Binance operates separate exchanges in some countries such as the US, UK, Singapore, and Turkey due to regulatory reasons.

Since Binance has global operations, the exchange does a lot of hiring on a regular basis. Being a market leader, Binance Jobs also come with significant perks. Most of the jobs are remote, with flexible working hours. Binance also offers health insurance, the option to be paid in crypto, and programs to develop your skills.

Binance is the leading global blockchain ecosystem and cryptocurrency infrastructure provider whose suite of financial products includes the world’s largest digital-asset exchange. Our mission is to accelerate cryptocurrency adoption and increase the freedom of money. If you’re looking for a fast-paced, mission-driven organization where opportunities to learn and excel are endless, then Binance is the place for you. We are seeking an Information Security Governance Manager to be responsible for implementing a comprehensive and consistent security governance and compliance strategy across the organization to protect and manage its technology and data related information security risks. The candidate will be responsible for coordinating, identifying gaps, providing guidance and establishing end to end security governance to ensure effective internal controls are implemented to achieve data privacy, security, reliability and resilience that meets compliance and local regulatory requirements.

Responsibilities

• Support the delivery of global security governance and compliance strategies.
• Manage and maintain a security compliance framework across global entities that can align to Binance’s compliance and internal audits requirements.
• Develop, manage and maintain effective information security policies, processes, standards and procedures.
• Lead and support ISO 27001, PCI-DSS, SOC 2 Type 1/2 and other security compliance projects.
• Develop maturity model and track information security controls.
• Internal first point of contact for general security enquiries. Proactively approach and support internal stakeholders across global entities.
• Establish and maintain global security governance and compliance process.
• Respond to security questionnaires from internal/external security audits and organize/document the common answers and approaches for future audits.
• Facilitate security risk management within the business units.
• Establish and maintain information risk metrics to highlight information assets that have the highest risk exposure.
• Conduct regular reviews of remediation actions and report to business and technology senior management.

Requirements

• Bachelor's degree or higher in information technology, cyber security or related field.
• 5+ years of experience in a security governance role.
• Strong leadership and excellent communication skills.
• Understanding of information risk, security control, data privacy related regulations (e.g. CCPA, SG PDPA, EU GDPR, China Cybersecurity law) within the financial services and banking industry.
• Strong knowledge and practical working experiences in delivering global projects of international data privacy and information security frameworks including NIST Cybersecurity & Privacy Framework, ISO 27001, ISO 27701, CIS, SOC 2 Type 1/2 Report, PCI-DSS and ISAE 3000.
• Demonstrable work experience delivering effective business and technical security solutions, processes, tools, and high performing teams.
• A good working knowledge of the latest information technology security trends and emerging threats is essential.
• Experience of implementing risk management principles and methodologies within a security or technology function.
• Good project management experience and skills.
• Strong analytical and problem-solving skills are a must-have.
• Having one of the below security or privacy qualifications is a plus - CISSP, CISM, CISA, CEH, SANS, CCSP, ISO 27001 Lead Auditor, IAPP CIPP / CIPM.
• An understanding of cloud infrastructure technologies and associated risks would be beneficial.

Working at Binance

• Be a part of the world’s leading blockchain ecosystem that continues to grow and offers excellent career development opportunities.
• Work alongside diverse, world-class talent in an environment where learning and growth opportunities are endless.
• Tackle fast-paced, challenging and unique projects.
• Work in a truly global organization, with international teams and a flat organizational structure.
• Competitive salary and benefits.
• Flexible working hours, remote-first, and casual work attire.

Learn more about how Binancians embody the organization’s core values , creating a unified culture that enables collaboration, excellence, and growth. Apply today to be a part of the Web3 revolution! Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success. By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice .

#J-18808-Ljbffr

Get AI-powered advice on this job and more exclusive features.

Temus was established by Temasek in partnership with UST, to provide digital transformation solutions for the private and public sectors as we aspire to be a strategic partner in realising the Singapore Government’s Smart Nation vision. We are headquartered in Singapore and have more than 400 employees across a wide range of disciplines in strategy, design, architecture, technology, data & AI.

Job Summary:

We are seeking a motivated and knowledgeable professional in Cyber Security with hands-on experience in AWS, GCP, Azure and particularly in cloud security tools such as Microsoft Defender and Microsoft Intune MDM, MAM . The ideal candidate will have a passion for cloud platforms, and a willingness to contribute to both Cyber Security (CS) and IT Operations functions in a fully cloud-native environment .

Key Responsibilities:

• Support and enhance cloud security initiatives across AWS, GCP, and Azure with a focus on Microsoft Defender integration and monitoring.
• Ensuring IT security programs comply with both regulatory and ISO27001 requirements.
• Continuously assess security threats and vulnerabilities across project networks, recommending appropriate risk management strategies.
• Foster IT security awareness through communications and knowledge sharing.
• Collaborate with the IT team to achieve and maintain ISO standards related to Information Security and Supply Chain Security Management.
• Collaborate with IT team to improve cloud posture, threat detection, and response capabilities.
• Participate in the daily operations of security tools, including log analysis , incident response , and vulnerability management .
• Handle ticketing system queues and ensure timely resolution of user-reported issues and security incidents.
• Assist with cloud resource configuration reviews and recommend security improvements.
• Oversee project setup and configuration for vulnerability and security setup needed
• Prepare and present security monthly overview report.

Job Requirements:

• Minimum 3 years of working experience in Cyber Security or related roles
• Working knowledge of Security controls in AWS, GCP, and Azure
• Familiarity with Microsoft Defender for Cloud or similar cloud-native security solutions.
• Understanding of basic IT operations (networking, systems, security and endpoint management).
• Willingness to learn and work across both Cyber Security and IT Operations teams.
• Strong problem-solving and communication skills with a good learning attitude.
• Basic understanding of ISO 27001 and DPTM

Preferred to Have:

• Experience operating in fully cloud-native environments .
• Solid understanding of cloud security configurations and best practices for AWS, GCP and Azure.
• Familiarity with governance, risk, and compliance considerations in the cloud.
• Strong documentation habits and operational discipline.

Good to Have Certifications:

• ISO/IEC 27001:2022 Information Security Management Systems Internal Auditor

(By applying for this role, you have read and acknowledge the data privacy statement via this link -

Seniority level

• Seniority level Associate

Employment type

• Employment type Full-time

Job function

• Job function Consulting and Information Technology
• Industries Business Consulting and Services and IT Services and IT Consulting

Referrals increase your chances of interviewing at Temus by 2x

Sign in to set job alerts for “Cyber Security Analyst” roles. Information Technology - Cyber Security Analyst (Scoot) Information Security Analyst Level II - SIEM, Tues-Sat 7am-3pm Graduate Hiring - Cybersecurity Engineer Information Technology - Cyber Security Specialist (Risk and Governance) Information Technology - Cyber Security Engineer (Threat Management and Incident Response) (Scoot) Information Technology Security Engineer Junior Specialist, Cyber Security Defense Operations Information Security Analyst / IT Support Engineer Information Technology Security Engineer Technology & Cyber Security Risk Analyst Application Security Engineer (Pentester) Security Operations Engineer (Shift) - 2 year contract

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr