652 Information Security Analyst jobs in Singapore

Work Location :

Singapore, Singapore

Hours:

40

Line of Business:

Technology Solutions

Pay Details:

We're committed to providing fair and equitable compensation to all our colleagues. As a candidate, we encourage you to have an open dialogue with a member of our HR Team and ask compensation related questions, including pay details for this role.

Job Description:

Department Overview

Building a World-Class, Diverse and Inclusive Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

Enterprise Protect – CTM (Cyber Threat Management) team is a group of technology, security and risk professionals in North America and Singapore, focused on managing a comprehensive program to assess, prioritize, and mitigate business risk with technology controls.

The Cyber Security Team is responsible for protecting the Bank, customers, and employees by mitigating and identifying technology threats to TD. Development of effective risk management programs help ensure TD's best-in-class cyber security approach.

What We Stand For

The Enterprise Protect program is continuously evolving to mitigate risks to the bank, including introducing new initiatives and improved defense. With a layered approach to protect customers, employees and the bank from cyber threats, TD manages, challenges and reviews technology controls for all business applications.

Department Overview

Building a World-Class, Diverse and Inclusive Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

Enterprise Protect – CTM (Cyber Threat Management) team is a group of technology, security and risk professionals in North America and Singapore, focused on managing a comprehensive program to assess, prioritize, and mitigate business risk with technology controls.

The Cyber Security Team is responsible for protecting the Bank, customers, and employees by mitigating and identifying technology threats to TD. Development of effective risk management programs help ensure TD's best-in-class cyber security approach.

What We Stand For

The Enterprise Protect program is continuously evolving to mitigate risks to the bank, including introducing new initiatives and improved defense. With a layered approach to protect customers, employees and the bank from cyber threats, TD manages, challenges and reviews technology controls for all business applications.

Key Accountabilities

The Senior Information Security Analyst is responsible for leading the team of Information Security Analysts in tier 1 and tier 2 triage investigations and incident handling for cybersecurity operations.

The Senior Information Security Analyst will be responsible for managing information between multiple technical teams, the CSOC, CSIRT and ITS, LOB TS when appropriate.

• Lead and coordinate Real-time analysis on identified cyber incidents currently impacting the bank's operations.
• Analyze, triage, and remediate security incidents internally and/or escalate to Cyber Security Incident Response team (CSIRT) for further investigation, treatment or support if needed.
• Manage incident queue in internal ticketing system in a timely and accurate manner to resolve a multitude of information security related situations and ensure that intake of incidents and reports from internal customers are properly recorded, timely updated, followed up and closed as per agreed SLA level ensuring quality and accurately in reporting.
• Manage and support phishing operations through ticketing system in a timely and accurate manner to mitigate any phishing campaign targeting our internal employees.
• Manage executive communications who are directly impacted or targeted as part of a phishing campaign.
• The ability to guide team to identify, triage and remediate security incidents related to Web Attacks, Malware incidents, and other external and internal threats is required.
• This role functions as part of the operations team, responsible for executing 24x7 onsite security monitoring activities. The operations follow a rotating shift schedule based in Singapore, with shift timings of 7:00AM – 3:00PM, 12:00PM – 8:00PM or 7:00AM – 7:00PM.
• The personnel will be assigned to be on-call rotationally on a weekly basis to support and coordinate with the team for any notable events during after office hours and weekend (APAC Hours).

Job Requirements

Knowledge and Skills:

• 5 - 7 years of experience in Information Security Operations or related field is required.
• A minimum of 3 years experience of leading and coordinating the Security Operations Monitoring team.
• A thorough understanding of security controls and mechanisms, as well as threat risk assessment techniques related to complex data, applications, and networking environment.
• Must have expert knowledge of security incident and event management using an enterprise incident management framework, log analysis, network traffic analysis, malware investigation and remediation, SIEM correlation logic and alert generation.
• Ability to perform analysis and reporting on information from multiple data sources using data mining technique for the purpose of documenting analysis results, produce report and present to a technical and executive stakeholder.
• Must have expert knowledge in SIEM, EDR, XDR, Firewall, WAF, NIDS and equivalent.
• Understanding of Security principles, techniques, and technologies such as NIST Cybersecurity Framework, SANS Top 20 Critical Security Controls and OWASP Top 10.
• Strong organizational and self-directing skills. Ability to initiate, coordinate and prioritize responsibilities and follow through on tasks to completion.
• Must demonstrate expert knowledge in Enterprise IT operations, incident management, change management, Access/Identity Management, security operations, vulnerability and compliance management, ticketing system, incident ticket life cycle and SLA terms.
• Must have excellent written and oral communication skills.
• Ability to work independently on a variety of assignments with minimal supervision.
• Ability to work without supervision with the senior leadership team.
• Good to have basic programming skills in various disciplines including scripting languages.

Background and Education:

• Completion of a Bachelor's degree or equivalent program in Computer Science, Management Information Systems or similar field is required.
• Completion of at least one of the following: GIAC (GSEC, GCIH, GCIA, GCFE, GCFA), CCNP, CCNA, CISSP

Who We Are

TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.

TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing – and so will you.

Our Total Rewards Package

Our Total Rewards package reflects the investment we make in our colleagues to help them, and their families achieve their well-being goals. Total Rewards at TD includes a base salary and several other key plans such as health and well-being benefits, including medical coverage, paid time off, career development, and reward and recognition programs.

Additional Information:

We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home.

Colleague Development

If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD – and we're committed to helping you identify opportunities that support your goals.

Training & Onboarding

We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role.

Interview Process

We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call.

Accommodation

If you require an accommodation for the recruitment / interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.

Senior Information Security Analyst, CSOC page is loaded# Senior Information Security Analyst, CSOCremote type:
Hybridlocations:
Singapore, Singaporetime type:
Full timeposted on:
Posted Todayjob requisition id:
R_ **Work Location**:Singapore, Singapore**Hours:**40**Line of Business:**Technology Solutions**Pay Details:**We’re committed to providing fair and equitable compensation to all our colleagues. As a candidate, we encourage you to have an open dialogue with a member of our HR Team and ask compensation related questions, including pay details for this role.**Job Description:***Department Overview**Building a World-Class, Diverse and Inclusive Technology Team at TDWe can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.Enterprise Protect – CTM (Cyber Threat Management) team is a group of technology, security and risk professionals in North America and Singapore, focused on managing a comprehensive program to assess, prioritize, and mitigate business risk with technology controls.The Cyber Security Team is responsible for protecting the Bank, customers, and employees by mitigating and identifying technology threats to TD. Development of effective risk management programs help ensure TD’s best-in-class cyber security approach.What We Stand ForThe Enterprise Protect program is continuously evolving to mitigate risks to the bank, including introducing new initiatives and improved defense.
With a layered approach to protect customers, employees and the bank from cyber threats, TD manages, challenges and reviews technology controls for all business applications.**Department Overview**Building a World-Class, Diverse and Inclusive Technology Team at TDWe can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.Enterprise Protect – CTM (Cyber Threat Management) team is a group of technology, security and risk professionals in North America and Singapore, focused on managing a comprehensive program to assess, prioritize, and mitigate business risk with technology controls.The Cyber Security Team is responsible for protecting the Bank, customers, and employees by mitigating and identifying technology threats to TD. Development of effective risk management programs help ensure TD’s best-in-class cyber security approach.What We Stand ForThe Enterprise Protect program is continuously evolving to mitigate risks to the bank, including introducing new initiatives and improved defense.
With a layered approach to protect customers, employees and the bank from cyber threats, TD manages, challenges and reviews technology controls for all business applications.**Key Accountabilities**The Senior Information Security Analyst is responsible for leading the team of Information Security Analysts in tier 1 and tier 2 triage investigations and incident handling for cybersecurity operations.The Senior Information Security Analyst will be responsible for managing information between multiple technical teams, the CSOC, CSIRT and ITS, LOB TS when appropriate.* Lead and coordinate Real-time analysis on identified cyber incidents currently impacting the bank’s operations.* Analyze, triage, and remediate security incidents internally and/or escalate to Cyber Security Incident Response team (CSIRT) for further investigation, treatment or support if needed.* Manage incident queue in internal ticketing system in a timely and accurate manner to resolve a multitude of information security related situations and ensure that intake of incidents and reports from internal customers are properly recorded, timely updated, followed up and closed as per agreed SLA level ensuring quality and accurately in reporting.* Manage and support phishing operations through ticketing system in a timely and accurate manner to mitigate any phishing campaign targeting our internal employees.* Manage executive communications who are directly impacted or targeted as part of a phishing campaign.* The ability to guide team to identify, triage and remediate security incidents related to Web Attacks, Malware incidents, and other external and internal threats is required.* This role functions as part of the operations team, responsible for executing 24x7 onsite security monitoring activities. The operations follow a rotating shift schedule based in Singapore, with shift timings of 7:00AM – 3:00PM, 12:00PM – 8:00PM or 7:00AM – 7:00PM.* The personnel will be assigned to be on-call rotationally on a weekly basis to support and coordinate with the team for any notable events during after office hours and weekend (APAC Hours).**Job Requirements***Knowledge and Skills:*** 5 - 7 years of experience in Information Security Operations or related field is required.* A minimum of 3 years experience of leading and coordinating the Security Operations Monitoring team.* A thorough understanding of security controls and mechanisms, as well as threat risk assessment techniques related to complex data, applications, and networking environment.* Must have expert knowledge of security incident and event management using an enterprise incident management framework, log analysis, network traffic analysis, malware investigation and remediation, SIEM correlation logic and alert generation.* Ability to perform analysis and reporting on information from multiple data sources using data mining technique for the purpose of documenting analysis results, produce report and present to a technical and executive stakeholder.* Must have expert knowledge in SIEM, EDR, XDR, Firewall, WAF, NIDS and equivalent.* Understanding of Security principles, techniques, and technologies such as NIST Cybersecurity Framework, SANS Top 20 Critical Security Controls and OWASP Top 10.* Strong organizational and self-directing skills. Ability to initiate, coordinate and prioritize responsibilities and follow through on tasks to completion.* Must demonstrate expert knowledge in Enterprise IT operations, incident management, change management, Access/Identity Management, security operations, vulnerability and compliance management, ticketing system, incident ticket life cycle and SLA terms.* Must have excellent written and oral communication skills.* Ability to work independently on a variety of assignments with minimal supervision.* Ability to work without supervision with the senior leadership team.* Good to have basic programming skills in various disciplines including scripting languages.**Background and Education:*** Completion of a Bachelor’s degree or equivalent program in Computer Science, Management Information Systems or similar field is required.* Completion of at least one of the following: GIAC (GSEC, GCIH, GCIA, GCFE, GCFA), CCNP, CCNA, CISSP**Who We Are**TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities
#J-18808-Ljbffr

• Be a key driver in shaping our cybersecurity risk posture and influencing board-level security decisions.
• Work closely with CISO and senior leaders to embed security governance across all business units

• Develop, implement, and maintain the ISMS based on ISO 27001, NIST CSF, and other leading frameworks.
• Manage the GRC life-cycle: risk identification, assessment, control design, treatment, monitoring, and reporting.
• Manage internal and external audits; oversee remediation plans and validate efficacy.
• Define and refine security policies, standards, and procedures; lead ongoing compliance efforts with PDPA, PCI DSS, HIPAA, GDPR, SOC 2 (as applicable).
• Deliver security training and awareness communication to enhance security culture.
• Stay ahead of the curve - monitor industry changes, emerging threats, and regulatory updates; translate into policy and upfront risk management.

• Be a key driver in shaping our cybersecurity risk posture and influencing board-level security decisions.
• Work closely with CISO and senior leaders to embed security governance across all business units

• Develop, implement, and maintain the ISMS based on ISO 27001, NIST CSF, and other leading frameworks.
• Manage the GRC life-cycle: risk identification, assessment, control design, treatment, monitoring, and reporting.
• Manage internal and external audits; oversee remediation plans and validate efficacy.
• Define and refine security policies, standards, and procedures; lead ongoing compliance efforts with PDPA, PCI DSS, HIPAA, GDPR, SOC 2 (as applicable).
• Deliver security training and awareness communication to enhance security culture.
• Stay ahead of the curve - monitor industry changes, emerging threats, and regulatory updates; translate into policy and upfront risk management.

ABOUT THE NATIONAL INSTITUTE OF EDUCATION (NIE)

The National Institute of Education (NIE), Singapore , is Singapore’s national teacher education institute and we are proud to be an integral part of the nation’s education service. We play a key role in the preparation of teachers and in the provision of teacher professional and school leadership development programmes. We are committed to our vision of being An Institute of Distinction: Leading the Future of Education and our mission to Inspire Learning, Transform Teaching and Advance Research .

As part of NIE’s commitment to strengthening cybersecurity resilience, we are seeking a Senior IT Security Analyst to lead our Incident Response (IR) capabilities. This role is central to the Institute’s strategic direction, ensuring timely, effective, and coordinated responses to cyber threats, while continuously enhancing our response playbooks and readiness through automation and structured learning. This is a 3-year contract position.

Key Responsibilities:

Incident Response Leadership

• Oversee the entire incident response lifecycle from detection to resolution.
• Lead investigations of IT security incidents and ensure thorough root cause analysis and remediation.
• Develop and maintain incident response playbooks and procedures.
• Coordinate with internal, external stakeholders, and vendors during incidents.
• Conduct post-incident reviews and report findings to management.

Monitoring and Detection

• Develop and implement advanced threat detection and monitoring strategies.
• Utilize SIEM, EDR, and other security tools for timely incident detection.
• Perform threat hunting and proactive security assessments.
• Collaborate with IT teams to deploy and optimize security solutions.

Threat Statistics and Reporting

• Analyze and compile statistics on threats relevant to the Institute.
• Prepare and present detailed reports on threat statistics to stakeholders.
• Use data visualization tools to communicate threat trends and insights.

Requirements:

Educational Background

• A University Degree in Information Systems, Computer Science, Cybersecurity, or a related field.
• Professional Certification(s) in incident handling and security analysis preferred.
• GCIH or its equivalent is preferred.

Professional Experience

• Minimum of 8 years of progressive experience in IT security, with a focus on Incident response.
• Minimum of 4 years of experience in a security operations center, with proven leadership capabilities.
• Intermediate knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
• Proven experience in managing incident response and performing threat hunting.

Technical Expertise

• Proficiency in Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), traffic and packet analysis, and cloud security.
• Experience in firewall, Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF) administration, virtualization, and cloud technologies.
• Experience in monitoring and administering host-based intrusion detection systems.
• Knowledge and experience in Linux/Windows/Database technologies preferred.
• Strong knowledge of industry standards and information security policy frameworks.
• Hands-on experience with scripting and automation tools to enhance security operations.
• Ability to conduct gap analysis of current processes and identify opportunities for improvement.
• Evaluate internal and external environments for threats related to Information Security and act as a subject matter expert to ensure these are properly addressed and controlled.
• Continuously improve event correlation and alerting processes and use cases to detect potential incidents.
• Automate manual processes to enhance security incident response.
• Experience with network security assessment tools.

Leadership and Communication

• Excellent leadership and team management skills, with the ability to inspire and motivate a team.
• Strong communication skills, with the ability to effectively interact with stakeholders at all levels, including University administration.
• Demonstrated ability to drive strategic initiatives and lead a team through change.
• Exceptional problem-solving skills and the ability to think critically under pressure.
• Ability to interview stakeholders to define and document business requirements.
• Provide advice and guidance on response action plans for information risk events and incidents based on incident type and severity.

Other Information

NIE staff can take chartered buses at their own expense from or near their home to the NIE campus. This is subject to the availability of bus routes and seats.

Req ID: R

Contract Executive (1-year Contract), Information Security Business Analyst
Join to apply for the
Contract Executive (1-year Contract), Information Security Business Analyst
role at
OCBC
Contract Executive (1-year Contract), Information Security Business Analyst
2 days ago Be among the first 25 applicants
Join to apply for the
Contract Executive (1-year Contract), Information Security Business Analyst
role at
OCBC
Who We Are
As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Who We Are
As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.
Your Opportunity Starts Here.
Why Join
Joining our Group Information Security & Digital Risk Management team means becoming part of a forward-thinking organization committed to safeguarding critical information assets in an increasingly complex digital landscape. You will have the opportunity to work alongside experienced professionals, gain hands-on exposure to cutting-edge security practices, and contribute directly to the resilience and integrity of our business operations. This role offers a unique platform to develop your skills in information security and risk management while making a tangible impact. If you are passionate about cybersecurity and eager to grow your career in a supportive and dynamic environment, this is the perfect opportunity for you.
How You Succeed
We are seeking a detail-oriented and proactive Contract Executive to join our Group Information Security & Digital Risk Management team on a 1-year contract basis. The successful candidate will support the implementation and management of information security initiatives and digital risk mitigation strategies to safeguard the organisation’s information assets and ensure compliance with regulatory requirements.
Success in this role requires a proactive mindset, strong attention to detail, and the ability to collaborate effectively across teams. You will thrive by continuously learning about emerging threats and industry best practices, applying this knowledge to enhance our security posture. Effective communication and organizational skills will enable you to manage multiple priorities and support audit and compliance efforts efficiently. By demonstrating initiative, adaptability, and a commitment to excellence, you will play a key role in helping the organization identify and mitigate digital risks, ensuring the ongoing protection of our information assets.
What You Do
Collaborate with multiple stakeholders to analyse existing manual reporting processes and identify opportunities for automation and process improvement
Define and understand business requirements to develop feasible solutions for implementation
Collect and analyse large datasets to identify trends and patterns, interpret data and provide insights to support decision-making
Work with data engineers and developers to define data extraction, transformation, and loading (ETL) requirements
Support user acceptance testing (UAT) and ensure successful deployment of reporting solutions.
Develop intuitive visualisation (e.g., risk profile dashboards) via Power BI, ensuring data accuracy and integrity, and deriving actionable insights
Maintain clear documentation of business processes, data mappings, and reporting logic.
Who You Are
Minimum 5 years of working experience in Data Analytics or Business Analyst in data-driven projects.
Strong analytical skills with attention to details, statistical modelling and visualisation to synthesize vast amounts of data into key insights
Proficient in data visualisation and dashboard development using software such as Power BI and Tableau
Demonstrated ability in process improvement and business process re-engineering.
Knowledge in technology and cybersecurity principles, data governance and data quality principles, and key risk indicators.
Experience in risk management and project management will be advantageous
Good written and oral communication skills and ability to interact effectively
Outcome-driven individual and someone who thrive on solving complex problems
Ability to work independently and as part of a team
What We Offer
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
Seniority level
Seniority level Mid-Senior level
Employment type
Employment type Full-time
Job function
Job function Business Development and Sales
Industries Banking
Referrals increase your chances of interviewing at OCBC by 2x
Get notified about new Contract Executive jobs in
Singapore, Singapore .
Senior Executive/ Executive, Operations (Great World City)
Executive / Senior Executive, Order Management
Senior Executive/Executive, Asset Management
Senior Executive/Assistant Manager, Business Human Capital (1 year contract)
Senior Executive / Executive, Operations, Singapore (2 Years Contract) - Clarke Quay
Executive, Operations (The Seletar Mall)
Senior Executive/Executive, Customer Experience
Senior Executive/Assistant Manager, Brand Management (Singapore Oceanarium)
Senior/Executive (Central Region Operations)
Senior Executive / Executive, Operations, Singapore (2 Year Contract) - Bugis Town
Senior Executive / Executive, Operations (2-Years Contract) - Junction 8
Senior Executive, Property Management (1 Year Contract)
Senior Executive/Executive, Procurement (M&E)
Senior Executive / Executive, Property Management
Senior Executive - Customer Relations (ITE College East)
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr

Job Description

Reporting to the Chief Risk Officer, we are currently looking for a risk professional with CCP Clearing Risk and modelling experience to join the Risk Management Department.

Key Duties and Responsibilities

• Manage APEX's clearing risks effectively and comprehensively in line with approved Risk policies.
• Review and update risk policies and procedures to align with IOSCO-PFMI guidelines, regulatory requirements, and directives from the Board Risk Committees.
• Maintain and improve appropriate risk models such as margining, collateral, and stress testing for APEX, which is the key responsibility for this role.
• Identify opportunities and/or gaps to enhance data quality and existing reporting processes.
• Conduct day shift and night shift duties regarding clearing risk management as per required.
• Handle end-of-day stress test reports, back test reports, liquidity risk reports, bank counterparty and Guaranty Fund reports, etc.
• Review and test APEX's contingency plans, including default management and recovery plans, to ensure smooth operability.
• Conduct credit scoring to rate APEX's members and counterparties.
• Conduct regular risk reporting, including monthly, quarterly, and annual reports.
• Execute enterprise risk management tasks as arranged by the Chief Risk Officer.
  Perform any other duties assigned by the Chief Risk Officer from time to time.

Requirements:

• University degree or above with at least 5 years of experience managing the risks of a clearing house or future brokerage, or equivalent experience.
• Good understanding of financial products such as futures and options.
• Strong knowledge of margining, risk models and methodologies.
• Strong quantitative skills, preferably with working knowledge of programming languages / software such as Excel, Python and VBA.
• Motivated and able to produce quality work under pressure.
• Strong analytical ability to analyze risk related issues and deal with complexity and ambiguity.
• Strong communicator with oral, written and presentation abilities in English and Mandarin.
• Good communication and interpersonal skills, positive team player.
• Professional qualifications like CFA, FRM will be considered favorably.

Job Description

You will be a member of the Group Information Security Team responsible for initiating, implementing, and maintaining security products and solutions to support enterprise security. This position is seconded to Scoot.

Key Responsibilities include:

• Subject matter expert (SME) for the security systems owned by the Information Security Team.
• Ensure security systems are utilized to their maximum capabilities.
• Recommend and drive cybersecurity solutions and initiatives to improve the cybersecurity of the organization.
• Prepare RFQ and evaluation criteria. Proof of concept (POC) during product evaluation. Liaising with vendors to implement security solutions.
• Provide security consultancy, technical guidance, expertise, solutions, and education.
• Identify and assess cyber risks in the IT infrastructure environment.
• Keep up to date on emerging security threats and vulnerabilities on new platforms adopted by the SIA Group and propose mitigating controls.
• This is an individual contributor role. Deliver tasks with minimal supervision.
• Provide support for AUDIT initiatives. Liaise with Internal and External Auditors from the Cyber team.
• Provide AUDIT support for ISO 27001, PCI-DSS, and Cyber Security Maturity Assessment.
• Any relevant ad-hoc duties. Manage individual project priorities, deadlines, and deliverables.
• Strong communication skills.
• Coordinate and deploy SIA Group IT cybersecurity initiatives in Scoot.

Requirements

• Degree in IT or related field, with at least 4-6 years in information security, especially in the cybersecurity space.
• Professional security certifications (CISSP, GPEN, OSCP, CEH, CISA, CRISC, CISM etc) preferred.
• Experience with Governance, Risk and Compliance (GRC) activities.
• Familiar with ISO 27001, PCI-DSS, PDPA, and GDPR requirements.
• Experience in security technologies, practices, application/network/systems architecture and design, test tools and processes.
• Knowledge of cyber security threats, vulnerabilities, hacking, and exploit methods etc.
• Strong oral, written, presentation and interpersonal skills.
• Possess a positive attitude with drive, initiative, enthusiasm, and a keen sense of urgency in resolving high-priority issues.
• Able to work independently and in a team-oriented, collaborative environment.