715 Information Security jobs in Singapore

**Line of Service**Internal Firm Services**Industry/Sector**Not Applicable**Specialism**IFS - Risk & Quality (R&Q)**Management Level**Associate**Job Description & Summary**At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at If you love the business side of information security this is the place to be. Within the CISO pillar we work closely with member firm stakeholders to understand their business model and roadmap for technology. In turn the CISO pillar outlines the roadmap for NIS and drives engagement and adoption of central security services in line with the PwC Cyber Readiness program. Our mission is to identify, control, and reduce the attack surface across the network of member firms while increasing our adversaries’ cost of attack. Network Information Security team is redefining cyber security on a global scale at PwC. Our mission protects 223,000 PwC members across 157 member firms worldwide, as well as our global clients. If you are seeking an exciting career with the scope to grow your information and cyber security skills, then NIS will empower you to do so.**Roles & Responsibilities**:**Project Support:*** Assist in the planning, execution, and monitoring of projects.* Utilise strong critical thinking and problem solving skills day to day* Collaborate with team members to ensure project deliverables are met on time and within scope.* Prepare and maintain project documentation, including reports, presentations, and meeting minutes.* Quickly adapt to changing priorities and project requirements.* Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment.* Proactively identify and address potential issues or roadblocks to ensure smooth project execution.* Work with other NIS teams both locally, regionally and globally to deliver the security needs specific to the firm.**Compliance and Vulnerability Management:*** Support work in vulnerability management and compliance activities* Handles BAU activities such as managing security exceptions* Help the business comply with the Information Security Policy by leveraging your cyber security knowledge and expertise.* Collaborate with PwC IT and global team to align security process and tools.**Application Security:*** Guide and support the business team to complete all required security reviews* Build knowledge on application security to effectively support security assessments* Align with different global and local teams to identify and fix gaps or risk found.**Other*** Help with daily security incident handling* Help to manage junior staff, eg. internsAn effective CISO pillar candidate will also possess the following **skills/ Requirements*** Able to work in a fast-paced environment, can upskill quickly and learn proactively* Analytical: Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.* Technical: Broad understanding of security technology.* Business: High level understanding of PwC’s business model, service offerings, and business operating environment as it pertains to the firm’s threat landscape. Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.* Individuals selected for this role are expected to have both extensive knowledge and managerial know-how related to the following aspects: Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment* Understanding of technical and non-technical information security risks.* Have skills to analyse data and visualise data (good to have knowledge of Excel, PowerPoint etc.)* Good written and effective communicator to deal with various stakeholders* Meticulous and possesses an eye for details* Proactive, keen to learn, enjoys solving challenging problems, thinking outside of the box* Diligent and open to feedback* Experience in a role balanced between business stakeholders and a central service organization.* Possess knowledge about application security to effectively support security assessments* Time and Task Management: Ability to prioritise risk, manage a variety of take, take ownership to drive completion of activities and deliver on time**Education and Experience**:* Interest in Information Security* Bachelor’s or master’s degree (technical degree) or equivalent Industry certification**Candidate Specifications:***Desired Certifications:** (Certifications aren’t a prerequisite however are well regarded)**Education Level:** Undergraduate Degree (e.g. BIT, BSc) STEM or equivalent work experience: 2 - 4 years’ of progressive professional roles involving information security, computer science and/or other technical background**Education** *(if blank, degree and/or field of study not specified)*Degrees/Field of Study required:Degrees/Field of Study preferred:**Certifications** *(if blank, certifications not specified)***Required Skills**Application Security, Application Security Assessment, Application Security Assessments, Application Security Reviews, Application Security Testing, Cybersecurity Controls, Cyber Security Standards, Security Vulnerability Assessments, Threat and Vulnerability Assessment, Vulnerability Assessments, Web Application Security, Web Application Security Testing**Optional Skills**Accepting Feedback, Accepting Feedback, Active Listening, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure, Operating Model, Optimism, Privacy and Security {+ 6 more}**Desired Languages** *(If blank, desired languages not specified)***Travel Requirements**0%NoNo**Job Posting End Date**
#J-18808-Ljbffr

Overview

Join to apply for the Network Security Engineer role at Comstor Europe

Vacancy No VN13902 • Job Title: Network Security Engineer • Office Location: SG-Singapore • Alternative Office Location:

About the Role

Your Key Responsibilities

Qualifications / Requirements

About Us

Westcon-Comstor (WestconGroup Inc.) is a global technology distributor with worldwide capabilities in Cloud, Global Deployment and Services, and category-leading Security, Unified Communications and Collaboration, Networking and Data Center technology Practices. Combining expert technical and market knowledge with a uniquely collaborative engagement model, the company is transforming technology distribution through its digital and physical products and services delivery. The company works with its partners to deliver results together through an investment in enablement programs and its associates’ dedication to creating an exceptional partner experience. Westcon and Comstor are the company’s go-to-market brands, offering customers a strong portfolio of market-leading and emerging vendors. With teams in 110 offices in 70-plus countries across six continents, Westcon-Comstor provides services to more than 170 countries.

Seniority level

• Entry level

Employment type

• Full-time

Job function

• Information Technology

Industries

• IT Services and IT Consulting

Referrals increase your chances of interviewing at Comstor Europe by 2x

Get notified about new Network Security Engineer jobs in Singapore .

Related roles

• Security Engineer (SOC Analyst) - Digital Bank
• Security Operations Engineer (Shift) - 2 year contract
• Network Security Engineer - Proprietary / High Frequency Trading
• Security/Embedded Systems Engineer (TEE) - Remote, Worldwide | Edinburgh, On Site
• Security Operations Engineer (Infra) - contract
• Digital Trust and Network Security Engineer
• Senior Network Administrator (with Security Expertise)

#J-18808-Ljbffr

Overview

Security Engineer, Global Services Security. Join to apply for the Security Engineer, Global Services Security role at Amazon Web Services (AWS).

Do you want to work on planetary scale security solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited to help customers automate security operations giving them unprecedented capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally?

As a member of the AWS Customer Incident Response Team (CIRT) in the AWS Global Services Security Organization you will have the opportunity to pioneer technically excellent security solutions supporting customer initiatives that are meaningful to their business. Building on those experiences you’ll collaborate with AWS service teams on new features, innovate with new technologies, and explore new challenges. As a member of AWS CIRT, you will be able to delight customers with leading edge security incident response via AWS Security Incident Response service and Zipline mechanism.

Responsibilities

• Lead incident response operations
• Be the technical resource that earns the trust of customer stakeholders before, during, and after a security event.
• Contribute individually and as part of a team that includes Amazonians, partners, and customers to build and deploy threat detection and incident response capabilities.
• Lead key elements of designing, building, and deploying solutions to automate security operations and incident response on AWS.
• Develop high-quality content, such as automation tools, reference architectures, and white papers to help our customers secure their workloads.
• Innovate on behalf of customers by translating your thoughts into action-oriented results.
• Mentor and invest in our team, partners and customers to raise the bar for our customers.
• On-call required.

Qualifications Basic Qualifications

• 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
• Knowledge of networking protocols such as HTTP, DNS and TCP/IP
• 3+ years of experience in technical IT security or related job role
• 1 year of threat detection or incident response experience
• Hands-on technical expertise in incident response technology, security, automation, implementation, integration, and/or deployment

Preferred Qualifications

• Hands-on technical expertise in building scripts, tools, or methodologies that enhance customers’ threat detection and incident response capabilities
• Experience managing a security event, including managing customer expectations and delivering results.
• Experience in operating security solutions, such as WAF, IPS, Anti-DDoS, or SIEM
• Interest and/or experience in big data storage, processing, and analytic methodologies and techniques like relational databases, NoSQL, ETL, business intelligence, Hadoop, data science, or machine learning.
• Knowledge of incident response workflows and processes. Our inclusive culture empowers Amazonians to deliver the best results for our customers.
• Fluent Mandarin Speaker

Location: Singapore, Singapore. Job ID: A . Company – Amazon Web Services Singapore Private Limited.

Employer information

About The Team: Diverse Experiences. AWS values diverse experiences. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why AWS: Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.

Work/Life Balance: We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture.

Inclusive Team Culture: AWS values curiosity and connection. Our affinity groups promote inclusion and empower our people to take pride in what makes us unique.

Mentorship and Career Growth: We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing opportunities.

Diversity and accommodations

If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit the accommodations page for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Job function: Quality Assurance, Information Technology, and Engineering. Industries: IT Services and IT Consulting.

Referrals increase your chances of interviewing at Amazon Web Services (AWS) by 2x. Get notified about new Security Engineer jobs in Singapore, Singapore.

Security Engineer (SOC Analyst) - Digital Bank

Security Operations Engineer (Shift) - 2 year contract

Security/Embedded Systems Engineer (TEE)- Remote, Worldwide | Edinburgh, On Site

Information Technology - Cyber Security Analyst (Scoot)

Security Operations Engineer (Infra) - contract

Security Engineer (Security Operation Center) - Information Security (Campus Recruitment 2026)

(Senior) Security Engineer, Security Engineering & Threat Intelligence

Head of Security Engineering/ Architect (CISO)

Information Technology - Cyber Security Engineer (Threat Management and Incident Response) (Scoot)

Graduate Hiring - Cybersecurity Engineer

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

We are seeking a seasoned Infrastructure Security Lead to manage a small team and drive the security operations of the organisation's enterprise platforms. This role will focus on ensuring the ongoing security, stability, and compliance of critical infrastructure components including network, on-premise systems, cloud platforms, container environments, and servers. The successful candidate will be responsible for leading a technical team, managing platform security operations, coordinating incident response, and overseeing the continuous improvement of security controls across the technology stack.

Key Responsibilities Day-2 Security Operations & Support

• Oversee ongoing platform support for infrastructure security tools and technologies (network security, endpoint, server, container, and cloud).
• Lead troubleshooting, root cause analysis, and resolution of security-related infrastructure issues.
• Ensure high availability, reliability, and performance of security platforms and controls.

Infrastructure Security Leadership

• Define and drive platform security strategies for day-2 lifecycle support, patching, hardening, and configuration management.
• Provide technical leadership in monitoring, threat detection, and incident response activities.
• Partner with engineering and operations teams to ensure secure design transitions into secure day-2 operations.

Governance & Compliance

• Ensure platforms meet regulatory, compliance, and internal audit requirements.
• Maintain strong documentation and operational runbooks for security platforms.
• Track and report on KPIs/metrics related to security tool uptime, incident response, and platform resilience.
• Lead, mentor, and develop a team of security engineers and operations specialists.
• Drive continuous service improvement and automation for operational efficiency.

Requirements

• 10+ years of experience in infrastructure and security operations
• Deep technical knowledge in network security, endpoint/server hardening, container security, and cloud security operations.
• Proven experience leading technical teams in a large-scale enterprise
• Strong understanding of ITIL processes, incident/problem/change management, and security operations frameworks.
• Hands-on familiarity with security tools such as firewalls, IDS/IPS, endpoint protection, SIEM, cloud-native security platforms, and container runtime security.
• Excellent stakeholder management skills with the ability to work across technology and business teams.

To apply

If you’re interested to apply or find out more, please reach out to Chen Yi at Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified. Thank you.

Reg: R

Lic: 16S8060

#J-18808-Ljbffr

Do you aspire for a rewarding career that lets you do more and achieve more? Unleash your full potential at work with TDCX, an award-winning and fast-growing BPO company.

Work with the world’s most loved brands and be with awesome, diverse people. Be home, belong, and start your journey to #BeMore!

Top Reasons to work with TDCX

• Attractive remuneration, great perks, and performance incentives
• Comprehensive medical, insurance, or social security coverage
• World-class workspaces
• Engaging activities and recognition programs
• Strong learning and development plans for your career growth
• Positive culture for you to #BeMore at work
• Easy to locate area with direct access to public transport
• Flexible working arrangements
• Be coached and mentored by experts in your field
• Join a global company, winner of hundreds of industry awards

What is your mission?

The primary role of the Data Protection Lead is to ensure that the organisation processes the personal data of its staff, customers, providers, or any other individuals (also referred to as data subjects) in compliance with the GDPR, applicable data protection rules, and relevant TDCX country data protection regulations.

• Manage IT staff by assisting to recruit, train, and coach employees, communicating job expectations and appraising their performance.
• Keep up to date on changes in GDPR and data protection–related policies in each of the TDCX-supported countries, ensuring all changes are implemented as per regulatory requirements.
• Foster a security-aware, security-first culture within the company.
• Maintain TDCX data protection policy in line with GDPR and relevant TDCX country data protection regulations, ensuring adherence throughout the organisation.
• Implement awareness programs, knowledge bases, and FAQs on data protection rights, obligations, and responsibilities.
• Collaborate with the Training team to create content and organise training courses for employees (both for new hires and ongoing refresher sessions) to sustain a security-first culture.
• Own and drive the uptake and successful completion of training.
• Provide information when necessary to senior management, including regular DPO compliance reporting.
• Conduct regular audits and risk assessments to ensure compliance with the data protection policy.
• Serve as the PIC for internal and client enquiries (current and prospective), including RFP responses, on data protection–related matters.
• Maintain the data protection risk register and impact assessment.
• Support ISO/PCI/SOC audits in relation to data protection.
• Provide guidance on data protection requirements for new projects and RFPs.

Who are we looking for?

Candidate must possess at least a Bachelor’s degree or professional degree in a related field (Cyber Security, Audit and Compliance, Data Protection, Risk Management).

Strong cybersecurity background: Minimum 3 years of experience in a DPO, compliance, audit, or risk management role (latest role specifically focused on data protection, with at least 1 year in this role).

Audit experience: DPO certification: Certification in Data Protection/Privacy (CIPP/A, CIPT, AIGP).

Experienced in developing and documenting policy and training.

Proficient in standard MS applications (Excel, Word, PowerPoint).

The DPO will report to the CIO.

Who is TDCX?

Singapore-based TDCX is a global business process outsourcing (BPO) leader, offering advanced customer experience (CX) solutions, sales and digital marketing services, and content moderation. It caters to industries such as digital advertising, social media, e-commerce, fintech, gaming, healthtech, media, technology, and travel & hospitality.

TDCX’s smart, scalable approach—driven by innovation and operational precision—positions it as a key partner for companies targeting tangible outcomes. With more than 20,000 employees across 39 locations worldwide, TDCX delivers robust coverage across Asia, Europe, and the U.S.

Visit for more info.

Job Segment: Database, BPO, Cyber Security, Risk Management, Compliance, Technology, Security, Operations, Finance, Legal

#J-18808-Ljbffr

You are about to enter websites controlled or offered by third parties. OCBC hereby disclaims liability for any information, materials, products or services posted or offered at any of these third party web-sites. By creating a link to these third party web-sites, OCBC does not endorse or recommend any products or services offered or information contained on those web-sites or information fed by these third parties nor is OCBC liable for any failure of products or services offered or advertised at any of these third party web-sites. OCBC Group shall in no event be liable for any damages, loss or expense including without limitation, direct, indirect, special, or consequential damage, or economic loss arising from or in connection with any use of or access to any other website linked to this website, any system, server or connection failure, error, omission, interruption, delay in transmission, or computer virus and any services, products, information, data, software or other material obtained from this website or from any other website linked to this website. Any hyperlinks to any other websites are not an endorsement or verification of such websites and such websites should only be accessed at the user’s own risks. This exclusion clause shall take effect to the fullest extent permitted by law.

You further consent to Oversea-Chinese Banking Corporation Limited, its related corporations (collectively, the "OCBC Group"), and their respective business partners and agents (collectively, the “OCBC Representatives”) collecting, using and disclosing your personal data for purposes reasonably required by the OCBC Group and the OCBC Representatives to enable them to process your employment application and assess your suitability for the position which you are applying for. Such purposes are set out in a Data Protection Policy, which is accessible at or available on request and which you confirm you have read and understood.

AVP, Group Information Security & Digital Risk Management page is loadedAVP, Group Information Security & Digital Risk Management Apply remote type Hybrid locations OCBC Singapore time type Full time posted on Posted Yesterday job requisition id JR WHO WE ARE:

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.

Your Opportunity Starts Here.

Why Join

Protecting our customers' assets and information is at the heart of what we do at OCBC. As an Information Security and Digital Risk Management Specialist, you'll play a critical role in safeguarding our digital landscape and ensuring the integrity of our systems. You'll be part of a team that's passionate about staying ahead of emerging threats and risks.

How you succeed

As the Assistant VP of Information Security and Digital Risk Management (ISDRM), you will be responsible for the 2nd line governance and oversight of information security and digital risks (technology, information, and cyber) within the OCBC Group. The primary role would be the ISDRM lead to support the Bank of Singapore (BOS) entity and its subsidiaries as well as group-wide responsibilities on thematic and risk assurance reviews.

What you do

• Drive or support risk governance and oversight activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.

• Plan and conduct 2nd line thematic reviews and risk assurance reviews in emerging risks arising from technology, information and cyber domains.

• Perform regular risk monitoring and management reporting on risk posture to management and Board of Directors.

• Drive or support the formulation and regular update of related Framework and supporting Policies to incorporate applicable industry leading practices and regulatory expectations.

• Drive or support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.

• Provide risk advisory service, including recommendation of risk mitigation options, on technology, information and cyber risks associated with new banking services, fintech initiatives, outsourcing-related arrangements, regulatory and legal guidelines.

• Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).

• Keep abreast of new technologies and related risks, industry trends, and regulatory requirements relating to technology, information & cyber security.

Who you are

• Degree in Computer Science or equivalent technical degree.

• Relevant professional certifications (e.g., CISA, CISM or CRISC) would be advantageous.

• More than 7 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.

• Proficient in risk management, IT governance, information & cyber security standards.

• Experienced in leading risk assessments and risk assurance testing.

• Good knowledge and experience in managing legal and regulatory requirements pertaining to technology, information or cyber risk domains (e.g., Singapore, Malaysia, Hong Kong, China).

• Good written and communication skills, as well as solution oriented.

• Ability to interact, engage and influence with stakeholders across all levels.

• Ability to contribute through others, collaborate well across seniority, cultures and locations.

• Proactive and able to work well under pressure or tight deadlines.

What we offer:

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

#J-18808-Ljbffr

Senior Security Project Engineer in Singapore at Logicalis

As Architects of Change, Logicalis' focus is to design, support and execute clients' digital transformation by uniting their vision with their technology expertise and industry insights. The company, through its deep understanding of key IT industry drivers such as security, cloud, data management and IoT, can address customer priorities such as revenue growth and business, operational efficiency, innovation, risk and compliance, data governance and sustainability.

We strengthen our purpose: to design, support, and execute our customers' digital transformation by converging their vision with our technological expertise and knowledge of the industry. The brand refresh underpins both the evolution of Logicalis’ positioning as well as our strategic vision for growth.

• Develop low level design (LLD) document for the project delivery detailing the scope with the sensible technology write up.
• Participate in Internal/Customer meetings and technical workshops to gather information and develop the LLD document.
• In-depth technical knowledge and more than 3 years working experience in implementing and supporting Cisco ISE and HPE Aruba ClearPass NAC solutions.
• Prepare UAT document and perform UAT as per document.
• Understanding of Windows Active Directory and Integration with NAC Solutions
• Proficient with hands-on experience delivering Firewall migrations and fine-tuning Firewall/IPS policies.
• Ability to deliver MFA Solutions for specific use case requirements.
• Assist in reviewing Technical Design Specifications (TDS) document for security projects
• Proactively participate in maintaining internal knowledgebase sharing technical findings within the Team.

The Individual and their Experience:

• Network Access Control (dot1x) experience of Cisco ISE and HPE Aruba ClearPass (Mandatory).
• Hands on experience Cisco FirePower NGIPS.
• Basic understanding of Networking – Routing and Switching Protocols.
• Ability to manage medium to large size project and ensure completion within the projected timeline.
• Build customer relationship to manage the projects in a congenial way.
• Team Player highly spirited, sharing project experience with peers.
• Able to learn and adopt new skills when projects warrant based on the relevant training provided.

Interested applicants please submit your application with your expected salary and notice period to be considered for the role.

We regret that only shortlisted candidates will be notified.

As part of any recruitment process, we collect and process personal data relating to job applicants. We are committed to being transparent about how we collect and use that data and to meeting our data protection obligations. By applying to this post and sending us your resume, you agree to the collection, use and/or disclosure of your personal data in the manner set out in our Data Protection Notice for Job Applicants.

Logicalis is committed to protecting your privacy.

If you’re interested in career opportunities, but not ready to apply, join our Talent Network to stay connected to us and receive updates on the latest job opportunities and company news.

#J-18808-Ljbffr

Whether you’re at the start of your career or looking to discover your next adventure, your story begins here. At Citi, you’ll have the opportunity to expand your skills and make a difference at one of the world’s most global banks. We’re fully committed to supporting your growth and development from the start with extensive on-the-job training and exposure to senior leaders, as well as more traditional learning. You’ll also have the chance to give back and make a positive impact where we live and work through volunteerism.

Shape your Career with Citi

Citibank serves as a trusted advisor to our retail, mortgage, small business and wealth management clients at every stage of their financial journey. Through Citi's Access Account, Basic Banking, Citi Priority, Citigold and Citigold Private Client, we offer an array of products, services and digital capabilities to clients across the full spectrum of consumer banking needs worldwide.

As part of Citi Infrastructure Defense team, the analyst position will participate and be responsible for analysis, design, support of system and network security application troubleshooting. The ideal candidate shall have ability to gather requirements, specifications, and document the technical requirements. Candidate must have demonstrated broad technical knowledge on skill sets below, be able to perform off-hours support, and work independently. Successful candidate will be results oriented, work well in a fast paced, highly collaborative team environment, and be able to multi-task and reprioritize tasks as needed. Candidate will regularly interact with internal customers and adjacent teams. As such, candidates must possess solid verbal and written communication skills, strong personal initiative and expert problem solving abilities.

Responsibilities:

• Identify opportunities to automate and standardize information security controls and for the supported groups
• Resolve any vulnerabilities or issues detected in an application or infrastructure
• Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
• Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
• Scan and analyze applications with automated tools, and perform manual testing if necessary
• Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
• Direct the development and delivery of secure solutions by coordinating with business and technical contacts
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Ideal background

• 8+ years of experience with multiple security disciplines and strong understanding of layered defense concepts.
• Deep understanding of TCP/IP technologies and knowledge of network routing protocols
• Experience defining enterprise security strategy and ecosystem across diverse products
• Strong hands on experience with firewall and proxy technologies (Bluecoat, Squid, NGINX)
• Large Scale Network and Security design experience is essential
• Work with and understand regulatory and risk management requirements
• Strong unix / linux experience
• Scripting (Python/Perl/Bash)
• University/ College degree in any STEM area or equivalent industry/technology knowledge

Benefits

• Opportunity to work on the internal security posture for a large financial and thus shaping the industry overall
• Exposure to a broad range of investment technology businesses and products
• Access to our world class testing lab with physical hands-on using hundreds of devices in the IT security ecosystem

How You’ll Succeed

Be conscientious and consistent in identifying security vulnerabilities and working with the respective engineering teams and stakeholders to provide sound guidance and remediations. Be a team player, and a keen learner.

Working at Citi is far more than just a job. A career with us means joining a family of more than 230,000 dedicated people from around the globe. At Citi, you’ll have the opportunity to grow your career, give back to your community and make a real impact.

Take the next step in your career, apply for this role at Citi today

#J-18808-Ljbffr

Job Description

• Regional Information Security Management: Establish a management framework for information security across Asia and Arab region.
• Develop and implement procedures for regional information security management and operation.
• Plan and execute deployment of Otsuka Group standard technology (e.g., security monitoring tools, vulnerability management tools, and phishing reports and simulation tools) in the region.

Factory and Laboratory Security in Asia and Arab Region

• Establish a management and advisory framework for factories and laboratories in the region.
• Design and implement security risk controls for newly established factories in the region.
• Plan, develop, and operate shared security infrastructure for subsidiaries in the region.

Security Compliance Monitoring for Otsuka Global Security Policies

• Plan and execute compliance monitoring activities for global security policies, including those applicable to factories and laboratories in the region.
• Support subsidiaries in planning and executing remediation actions.

Security Advisory Desk for Subsidiaries

• Provide expert security advisory support to subsidiaries in the region
• Regularly or on-demand, notify subsidiaries of recent cyber security threats and vulnerabilities.

Security Incident Responses

• Support or, if necessary act as the commander in responding to security incidents in the region.
• Lead and manage the OSG CSIRT (Cybersecurity Incident Response Team).

Job Requirements (Required) Information/Cyber Security Expertise

• Minimum of 5 years of professional experience in information security, risk management, or IT governance/audit.
• Bachelor's degree in computer science, information security, information technology, or a related field.
• If you do not have one of the above degrees, you should have a related professional certification to prove your expertise (e.g., CISSP, CISM, CISA, CRISC)
• Familiarity with cloud security, network security, and security infrastructure (endpoint protection, security event detection, and identity and access management).
• Familiarity with operational technology (OT) security in factories, plants, and laboratories.
• Extensive experience serving as a commander in cyberattack response.
• Knowledge of regulatory requirements (e.g., GDPR) and industry standards (e.g., NIST).

(Required) Language Proficiency

• Business-level fluency in both Japanese (JLPT N1 or equivalent) and English. These two languages are essential for daily operations and communication with our Japan headquarters as well as group companies, subsidiaries across Asia and Arab Region.

(Preferred) Multinational Company Experience

• Demonstrated ability to work effectively in multinational corporate environments, collaborating across diverse cultures and organizational structures.
• Experience in developing security programs and procedures across regional subsidiaries.

(Preferred) Leadership and Management Experience in Asia and Arab Region

• Demonstrated ability to lead and coordinate multiple subsidiaries across Asia and Arab region.
• Multiple successful completions of security projects for subsidiaries in the region.
• Ability to manage cross-functional teams and drive change in complex environments.

(Preferred) Additional Language Proficiency

• Additional language capabilities are considered an asset for regional communication and collaboration.

#J-18808-Ljbffr