583 Cybersecurity Risk jobs in Singapore

We are seeking a Senior Information Security GRC Lead to shape our cybersecurity risk posture and influence board-level security decisions.

• This role requires close collaboration with the CISO and senior leaders to embed security governance across all business units.
• The ideal candidate will develop, implement, and maintain an ISMS based on ISO 27001, NIST CSF, and other leading frameworks.
• The successful applicant will manage the GRC lifecycle: risk identification, assessment, control design, treatment, monitoring, and reporting.

About the Job:

The primary responsibilities of this role include developing and implementing an Information Security Management System (ISMS) aligned with industry-recognized standards. This involves managing internal and external audits, overseeing remediation plans, and ensuring compliance with various regulatory requirements.

A key aspect of this position is staying up-to-date with emerging threats, regulatory updates, and industry changes. The ability to translate these into policy and proactive risk management is crucial for success in this role.

To be considered for this role, candidates must have at least 8 years of experience in Information Security. Exposure to SOX is highly desirable. Regional or global coverage is also preferred.

This is an excellent opportunity to join a well-established organization that values information security. As a Senior Information Security GRC Lead, you will enjoy strong support from business stakeholders and the opportunity to make a meaningful impact on our cybersecurity risk posture.

Key Highlights:

• Permanent Position

• Opportunity to work with a dynamic, industry-leading company

• Up to $19,000 + Bonus + comprehensive Benefits package

We are hiring a strategic cybersecurity and risk leader to shape and implement enterprise-wide policies and governance frameworks for a critical public sector environment in Singapore.

This is a leadership opportunity that involves designing and operationalizing cybersecurity and technology risk standards across a large-scale regulated ecosystem. You'll lead a team in delivering control design, policy adherence, and stakeholder engagement to elevate sector-wide cybersecurity maturity.

The ideal candidate brings deep experience in cybersecurity governance, policy implementation, and regulatory engagement, particularly within complex or regulated environments.

Responsibilities:

• Lead the development and lifecycle management of cybersecurity and technology risk policies, standards, and control libraries across a multi-entity public sector ecosystem.

• Engage with senior-level stakeholders to contextualize and align policies with operational realities.

• Oversee control design and attestation processes, ensuring robust compliance tracking and deviation management.

• Drive policy awareness and risk culture initiatives through education campaigns, self-assessment programs, and governance innovation.

• Analyze evolving risks and proactively update frameworks to reflect new technologies, threats, and regulatory shifts.

• Build strong relationships across CIO, CISO, and governance functions in both central and decentralized environments.

• Lead and manage a high-performing team of governance professionals.

Requirements:

• Min 15 years of experience in cybersecurity, risk and compliance within large enterprises or public sector environments.

• Deep familiarity with IM8, NIST CSF, COBIT, ISO27001, or equivalent frameworks.

• Proven ability to translate policy into actionable control programs across diverse stakeholder groups.

• Strong domain knowledge in cybersecurity governance, technology risk, and regulatory alignment.

• Recognized certifications such as CISSP, CISA, CRISC, CGEIT, or equivalent.

• Exceptional leadership and stakeholder management skills, comfortable with influencing across matrixed, senior-level environments.

Interested applicants, please submit updated resume in MS format via the Apply button.

Position and remuneration will be commensurate with skills and experience.
We regret that only short-listed candidates will be contacted.

Careerally Pte Ltd | EA Licence: 24C2215
Josephine Xie | EA Registration No: R1874897

Join to apply for the
Cyber Risk Advisory Consultant
role at
S-RM
1 day ago Be among the first 25 applicants
Join to apply for the
Cyber Risk Advisory Consultant
role at
S-RM
Cyber Advisory Associates help lead our cyber resilience consultancy engagements.
You will work closely with our clients to understand their challenges, lead project teams and deliver innovative solutions across a full spectrum of cyber risk management and governance activities. Our aim is to become trusted advisors to our clients as we help them to navigate dynamic and evolving security risks.
Our Associates are project managers and people managers, as well as consultants. You will join a thriving Advisory Practice in which you will support the development of junior colleagues, drive improvement in products and services and contribute to Practice strategy.
Responsibilities:
Cyber Security Consultancy
Lead consultancy engagements across a broad range of information security disciplines, including:
Technical domains and cyber transformation
Framework assessments and roadmapping
Cyber regulations, governance and compliance
Incident Response, Disaster Recovery and Business Continuity
Training and Exercising
Threat Intelligence
Project Management
S-RM Consultants are organised and dynamic project managers and team leaders. You will:
Lead complex projects independently
Manage client engagement, communication and project planning activities
Oversee technical and governance focussed implementation plans
Work with internal client project teams, subcontractors and partners
Understand and utilise the full range of S-RM's people and expertise
Manage junior colleagues and oversee their career development where appropriate
Client Engagement, Account Management and Business Development
Our consultants are at the heart of our business development activities. You will:
Engage with clients to understand their cyber security challenges
Innovate solutions, create, propose and pitch cyber security engagements
Contribute to the expansion of client accounts and winning new business
Identify market opportunities
Skills and Experience
We think candidates with the following skills and experience are likely to succeed as an Associate at S-RM.
That said, if you don't think you meet all of the criteria below but are still interested in the job, please apply. Nobody checks every box—we're looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others.
We're looking for someone that is able to adapt to change and work comfortably in a fast-paced environment, this person will have some or all of these skills:
Previous experience in information security, cyber roles and / or technical domains.
Ability and willingness to manage complex projects.
Excellent presentational skills, written work and attention to detail.
Prior consulting experience.
Demonstrable knowledge of:
Cyber Security frameworks, standards and regulations.
Information security principles, tools, technologies and techniques.
Technical cyber knowledge, including:
Cloud Security.
Identity and Access Management.
Software development lifecycle.
Operational Technology.
Industry accreditation such as SANS Institute, Security+, CISM, CISSP or ISO27001;
OUR BENEFITS
We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:
Holiday – 20 days per year increasing to 25 days (+1 day for every year you worked at S-RM, up to a maximum of 5 days) in addition to bank holidays
Private medical healthcare with Great Eastern including clinical, hospital and dental cover. Offered to you, your partner* and children**.
Life insurance – 4x annual salary
CPF (Central Provident Fund) – Singapore citizens and permanent residents are automatically enrolled into Central Provident Fund (CPF). The contributions vary depending on your age, starting from 17% employer + 20% employee for those who are 55 and younger. Non-Singapore citizens or temporary visa holders – HR will discuss your options on the 1-2-1 basis.
EAP (Employee Assistance Programme) for employee and immediate family, including counselling sessions
Free access to the world-famous mindfulness app Headspace
Seasonal flu vaccination
Eye tests and glasses reimbursement up to certain cost on an annual basis
Formalised Recognition programme
Hybrid working and flexible working hours
Fertility treatment leave – 5 days of leave per cycle of treatment per year
Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay (after 1 year at the company on the "qualifying week" = 15 weeks before a due date)
Paternity leave – 6 weeks of full pay (after 1 year at the company on the "qualifying week" = 15 weeks before a due date)
Maternity benefit (as part of the Private medical healthcare cover) for female employees and wives of male employees - after 1 year on cover
The role will be based in our Singapore office. However, we have flexible working arrangements available.
Seniority level
Seniority level Mid-Senior level
Employment type
Employment type Full-time
Job function
Job function Information Technology
Industries Security and Investigations
Referrals increase your chances of interviewing at S-RM by 2x
Sign in to set job alerts for “Cyber Security Consultant” roles.
Third-Party Security Risk Management, Consultant
Cybersecurity Consultant/Mgr (Cybersecurity Governance and Risk Assessment), SCD
Cybersecurity Incident Response Consultant
Technology & Cyber Security Risk Analyst
Cybersecurity Consultancy and Solutioning (1-year traineeship programme)
Principal/Lead Consultant (Cybersecurity), Transformation Office
Security Consultant (Microsoft Purview)|Contract
Cyber Engagement Lead, Mandiant Consulting, Google Cloud
Senior Security Consultant (Governance Risk & Compliance)
Cyber Security Consultant - Red Team Specialist
TDI – Technology Information Security Officer (TISO) – VP
AVP/VP (12 months contract), Cybersecurity (Governance Oversight)
Deputy Manager (IT Cyber Security) - Contract
Principal Consultant – Infrastructure and Cybersecurity
(Senior) Cyber Security Consultant & Penetration Tester
Manager, Strategic Security Consulting, Mandiant, Google Cloud (English)
Consultant/Senior Consultant, Data Protection Specialist
Cybersecurity Consultant (Cloud Security)
Cyber Security Consultant (Endpoint Deployment)
Kallang, Central Singapore Community Development Council, Singapore 1 month ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr

Join to apply for the
Cyber Risk Specialist - MariBank
role at
Monee .
Get AI-powered advice on this job and more exclusive features.
Responsibilities
Be part of the bank’s second line of defence, ensuring a sound and robust IT risk and security function.
Support the team lead in developing technology and cyber risk management policies and frameworks, ensuring compliance with regulations and industry best practices.
Conduct continuous testing of IT controls to evaluate their adequacy and effectiveness related to technology and cyber risks.
Oversee critical cybersecurity operations and identify areas for improvement, such as security architecture, security hardening, data loss prevention, vulnerability assessment, secure SDLC, and SOC.
Collaborate with the first-line Technology Department to mitigate gaps and foster a strong risk culture.
Conduct ad-hoc risk assessments and threat modeling exercises.
Participate in cybersecurity incident response activities.
Support IT security awareness training and conduct phishing campaigns.
Assist in customer education on IT security advisories.
Requirements
Bachelor’s degree or higher in information security, computer science, technology, or related fields.
1-3 years of relevant experience; prior experience in banking is a plus.
Bilingual in English and Mandarin to facilitate cross-border collaboration.
Knowledge of regulatory requirements and industry standards (e.g., MAS TRM Guidelines, ISO27001).
Relevant professional certifications (e.g., CISA, CISSP, CISM) are advantageous.
Additional Information
Seniority level: Entry level
Employment type: Full-time
Job function: Finance and Sales
#J-18808-Ljbffr

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Kerry Consulting

We are seeking an experienced Security Governance and Risk Specialist to strengthen our information security governance framework and ensure compliance with regulatory requirements, internal policies, and industry standards. The successful candidate will work closely with stakeholders across Technology, Risk, Compliance, and Audit to maintain a strong security posture and support ongoing improvements in security governance processes.

Key Responsibilities

1. Governance & Policy Management

• Develop, review, and maintain information security policies, standards, and procedures in line with MAS Technology Risk Management (TRM) Guidelines, ISO 27001, and other relevant frameworks.
• Ensure security policies are effectively communicated, understood, and implemented across the organisation.
• Monitor adherence to policies and recommend corrective actions where required.

2. Regulatory & Compliance Management

• Track and ensure compliance with applicable regulations (e.g., MAS TRM, PDPA, GDPR, PCI-DSS).
• Coordinate responses to regulatory queries, inspections, and audits.
• Support internal and external audits, providing evidence and addressing findings in a timely manner.
• Work with IT and business units to identify, assess, and mitigate security risks.
• Maintain and update the security risk register and ensure timely closure of security issues.
• Perform security control effectiveness reviews and support remediation efforts.

4. Security Awareness & Training

• Support the design and rollout of security awareness programmes to enhance the security culture.
• Provide subject matter expertise on security governance during onboarding, projects, and initiatives.

5. Reporting & Metrics

• Prepare and present security governance reports, dashboards, and KPIs for management and board committees.
• Monitor trends and emerging risks to recommend enhancements to governance processes.

Requirements

• Bachelor's degree in Information Security, Computer Science, or related discipline.
• 3-10 years of experience in information security governance, risk, and compliance within financial services or regulated environments.
• Strong knowledge of MAS TRM Guidelines, PDPA, ISO 27001, NIST, COBIT, and related frameworks.
• Experience with security audits, regulatory inspections, and risk management processes.
• Excellent stakeholder engagement, communication, and report-writing skills.
• Professional certifications such as CISM, CISSP, ISO 27001 Lead Implementer/Auditor are preferred.

To apply:

If you're interested to apply or find out more, please share across your CV or reach out to Chen Yi at for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.

Reg: R1876389

Lic: 16S8060

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Information Services

Referrals increase your chances of interviewing at Kerry Consulting by 2x

Get notified about new Cyber Security Specialist jobs in Singapore, Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

You will oversee the full lifecycle of policies, standards, and control frameworks — from design to implementation, self-assessment, attestation, and deviation management — ensuring they remain relevant, effective, and aligned with evolving risks and regulations.

Job Highlights

• Government-linked organisation
• West location | 5-day work week
• Permanent role with competitive bonus and benefits

Key Responsibilities

• Lead the development, review, and maintenance of cybersecurity and technology risk policies, standards, guidelines, and control libraries.
• Translate regulatory requirements into practical control designs and maintain the sector’s control library.
• Oversee control self-assessments, compliance attestations, and deviation management processes.
• Engage stakeholders across multi-entities and at all levels to align on policy adoption and cybersecurity objectives.
• Roll out awareness and compliance campaigns to strengthen cyber risk culture.
• Monitor emerging risks, threats, and regulatory changes, adapting policies as needed.
• Foster collaboration with peers, stakeholders, and regulators to integrate governance into sector-wide strategies.
• Provide leadership, mentor team members, and contribute to continuous learning initiatives.

Requirements

• Bachelor’s degree in Computer Science with over 15 years’ relevant experience.
• Recognized cybersecurity and governance certifications (e.g., CISA, CISM, CRISC, CGEIT, CISSP, GIAC).
• Proven experience in implementing cybersecurity and technology risk policies, standards, and guidelines.
• Supervisory experience in leading and mentoring a team.
• Strong technical writing skills and familiarity with frameworks such as IM8, NIST CSF, COBIT, ISO27000.
• Expertise in cybersecurity, risk management, and compliance.
• Strong stakeholder engagement, change management, and problem-solving skills.
• Ability to develop strategic roadmaps and lead initiatives from planning to execution.

Interested candidates, please submit your updated resume in MS format by using the Apply Now Button. Alternatively, you may also email your resume to

We regret that only short-listed candidates will be contacted shortly.

Careerally Pte Ltd | EA Licence: 24C2215 Frieda Chan | EA Registration No: R2199193

Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of the Government Technology Agency (GovTech). As a Trusted Partner over the last decade, ATS offers a comprehensive suite of products and services ranging from infrastructure and operational services, authentication services, governance and assurance services as well as managed processes. In a dynamic digital and cyber landscape, where trust & collaboration are key, ATS continues to drive mutually beneficial business outcomes through collaboration with GovTech, government agencies and commercial partners to mitigate cyber risks and bolster security postures.
You will be joining us as Cybersecurity Engineer where you'll need to be comfortable with presentation, familiar with threat risk modelling (plus point if you have experience in VAPT). If you are being selected, you will be hired as a contract employee till 31 March 2027.
Responsibilities:
Curriculum Development and Improvement:
Develop (design, review, and enhance) course content, including workshop curriculum and materials.
Ensure course content aligns with WoG security standards and best practices.
Develop practical exercises and case studies relevant to WoG ICT officers' roles and responsibilities.
Collect and analyse feedback from participants to implement improvements to the programme.
Compile workshop outcome reports, including attendance rates, assessment results.
Provide regular updates to senior management on the progress and impact of the workshop programme.
Assess the effectiveness of the workshop programme in meeting WoG ICT officers' needs.
Propose and implement improvements to the programme based on participant feedback and evolving cybersecurity trends.
Collaborate with CSG to revise and curate course content to ensure relevancy.
Community Engagement:
Drive and maintain community engagement through the establishment and management of communities of practice and expert networks.
Curate and distribute relevant cybersecurity content through newsletters and other communication channels.
Organise and facilitate knowledge-sharing sessions and expert talks.
Workshop Preparation and Delivery:
Manage workshop logistics, including sending invitations and preworkshop materials to participants.
Conduct workshops using approved materials and methodologies.
Foster an interactive learning environment, encouraging participation and engagement from all attendees.
Facilitate knowledge assessments through gamified exercises and quizzes.
Lead discussions on threat modelling and risk assessment issues pertinent to participants' projects.
Manage the distribution of attendance certificates and competency certifications
Possess minimally 5 years of working experience with at least 3 years of experience in conducting cybersecurity risk assessments and threat modelling.
Experience in vulnerability assessment and penetration testing will be advantageous.
In-depth knowledge of cybersecurity frameworks such as IPDRR, MITRE ATT&CK framework, Cyber Kill Chain.
Expertise in cybersecurity threat modelling process.
Experience in managing, coordinating and conducting workshops.
Strong understanding of WoG ICT infrastructure and security challenges.
Excellent communication and presentation skills, with the ability to convey complex technical concepts to diverse audiences.
Join us and discover a meaningful and exciting career with Assurity Trusted Solutions!
The remuneration package will commensurate with your qualifications and experience. Interested applicants, please click "Apply Now".
We thank you for your interest and please note that only shortlisted candidates will be notified.
By submitting your application, you agree that your personal data may be collected, used and disclosed by Assurity Trusted Solutions Pte. Ltd. (ATS), GovTech and their service providers and agents in accordance with ATS’s privacy statement which can be found at: such other successor site.
A wholly-owned subsidiary of GovTech.
We promote a learning culture and encourage you to grow and learn.
#J-18808-Ljbffr

About Us

Green Link Digital Bank is Singapore's inaugural wholesale digital bank focusing on supply chain finance, mainly serving MSMEs and aiming to help MSMEs grow and improve digitization.

Responsibilities

• Provide support to update, review, and refresh the Cyber Security frameworks, policies, standards, and guidelines.
• Cultivate a healthy Cyber Security risk culture and work closely with Technology partners to shape a proactive and anticipatory risk culture.
• Conduct Cyber Security assessments to ensure the effectiveness of Cyber Security related controls.
• Track, monitor, and validate all Cyber Security risk remediation timely.
• Prepare and present the Cyber Security risk report to all relevant committees.
• Actively participate in all Cyber Security incident matters.
• Keep abreast and report of latest Cyber Security development.

Requirements

• Degree in Computer Science, Engineering, Information System, or any relevant academic stream.
• Minimally 2 years of experience in Cyber Security.
• Good understanding of MAS Technology Risk and Cyber Security requirements.
• Familiar with industry security standards such as NIST, COBIT, and ISO 27001.
• Excellent communication and presentation skill.

By submitting your application, you have given your consent for us to collect, use and retain your data for a year as according to our prevailing data retention and PDPA policies. Should you have any enquiries on our data policy, please contact us at

About Us

Green Link Digital Bank is Singapore's inaugural wholesale digital bank focusing on supply chain finance, mainly serving MSMEs and aiming to help MSMEs grow and improve digitization.

Responsibilities

• Provide support to update, review, and refresh the Cyber Security frameworks, policies, standards, and guidelines.
• Cultivate a healthy Cyber Security risk culture and work closely with Technology partners to shape a proactive and anticipatory risk culture.
• Conduct Cyber Security assessments to ensure the effectiveness of Cyber Security related controls.
• Track, monitor, and validate all Cyber Security risk remediation timely.
• Prepare and present the Cyber Security risk report to all relevant committees.
• Actively participate in all Cyber Security incident matters.
• Keep abreast and report of latest Cyber Security development.

Requirements

• Degree in Computer Science, Engineering, Information System, or any relevant academic stream.
• Minimally 2 years of experience in Cyber Security.
• Good understanding of MAS Technology Risk and Cyber Security requirements.
• Familiar with industry security standards such as NIST, COBIT, and ISO 27001.
• Excellent communication and presentation skill.

By submitting your application, you have given your consent for us to collect, use and retain your data for a year as according to our prevailing data retention and PDPA policies. Should you have any enquiries on our data policy, please contact us at