295 Information Security Manager jobs in Singapore
information security manager
Posted today
Job Viewed
Job Description
- Develop, implement, and manage the organization's information security strategy, policies, and procedures .
- Lead the design and enforcement of security controls to protect systems, networks, and data from cyber threats.
- Manage a team of security professionals, providing technical guidance, mentoring, and performance management .
- Oversee risk assessments, vulnerability management, penetration testing, and incident response .
- Ensure compliance with regulatory requirements, industry standards, and frameworks (e.g., ISO 27001, NIST, GDPR, PCI-DSS, HIPAA).
- Collaborate with IT, DevOps, and business teams to embed security into application development and infrastructure design .
- Manage security operations center (SOC) activities , including monitoring, threat detection, and escalation.
- Define, track, and report security KPIs and risk metrics to senior leadership.
- Evaluate, select, and implement security tools and technologies to strengthen organizational defenses.
- Lead security awareness and training programs to promote a strong security culture .
- Cybersecurity & Risk Management : Strong knowledge of threat modeling, risk assessment methodologies, incident response frameworks , and business continuity planning .
- Security Technologies : Hands-on expertise with firewalls, IDS/IPS, SIEM (Splunk, QRadar, ELK), EDR/XDR, DLP, IAM, PAM solutions, WAF, and CASB .
- Cloud Security : Proficiency in securing workloads on AWS, Azure, and GCP , including IAM, KMS, Cloud Security Posture Management (CSPM) .
- Application & Network Security : Experience in secure SDLC, DevSecOps practices, vulnerability management, penetration testing tools (Burp Suite, Metasploit, Nessus, Qualys) .
- Cryptography & Data Protection : Understanding of PKI, SSL/TLS, encryption protocols, key management, tokenization, and data masking .
- Governance, Risk & Compliance (GRC) : Familiarity with ISO 27001, SOC 2, NIST CSF, COBIT, GDPR, HIPAA, PCI-DSS frameworks.
- Incident Response & Forensics : Ability to manage SIEM alerts, digital forensics, malware analysis , and lead response teams during breaches.
- Scripting & Automation : Knowledge of Python, PowerShell, or Bash for automating security operations and log analysis.
- Security certifications such as CISSP, CISM, CISA, CEH, OSCP, CCSP, ISO 27001 Lead Implementer/Auditor .
- Experience in Zero Trust Architecture and container security (Docker, Kubernetes) .
- Knowledge of threat intelligence platforms and SOC automation (SOAR) .
Senior Information Security Manager
Posted today
Job Viewed
Job Description
Job Description
Regional Information Security Management: Establish a management framework for information security across Asia and Arab region.
Develop and implement procedures for regional information security management and operation.
Plan and execute deployment of Otsuka Group standard technology (e.g., security monitoring tools, vulnerability management tools, and phishing reports and simulation tools) in the region.
Factory and Laboratory Security in Asia and Arab Region
Establish a management and advisory framework for factories and laboratories in the region.
Design and implement security risk controls for newly established factories in the region.
Plan, develop, and operate shared security infrastructure for subsidiaries in the region.
Security Compliance Monitoring for Otsuka Global Security Policies
Plan and execute compliance monitoring activities for global security policies, including those applicable to factories and laboratories in the region.
Support subsidiaries in planning and executing remediation actions.
Security Advisory Desk for Subsidiaries
Provide expert security advisory support to subsidiaries in the region
Regularly or on-demand, notify subsidiaries of recent cyber security threats and vulnerabilities.
Security Incident Responses
Support or, if necessary act as the commander in responding to security incidents in the region.
Lead and manage the OSG CSIRT (Cybersecurity Incident Response Team).
Job Requirements
(Required) Information/Cyber Security Expertise
Minimum of 5 years of professional experience in information security, risk management, or IT governance/audit.
Bachelor's degree in computer science, information security, information technology, or a related field.
If you do not have one of the above degrees, you should have a related professional certification to prove your expertise (e.g., CISSP, CISM, CISA, CRISC)
Familiarity with cloud security, network security, and security infrastructure (endpoint protection, security event detection, and identity and access management).
Familiarity with operational technology (OT) security in factories, plants, and laboratories.
Extensive experience serving as a commander in cyberattack response.
Knowledge of regulatory requirements (e.g., GDPR) and industry standards (e.g., NIST).
(Required) Language Proficiency
Business-level fluency in both Japanese (JLPT N1 or equivalent) and English. These two languages are essential for daily operations and communication with our Japan headquarters as well as group companies, subsidiaries across Asia and Arab Region.
(Preferred) Multinational Company Experience
Demonstrated ability to work effectively in multinational corporate environments, collaborating across diverse cultures and organizational structures.
Experience in developing security programs and procedures across regional subsidiaries.
(Preferred) Leadership and Management Experience in Asia and Arab Region
Demonstrated ability to lead and coordinate multiple subsidiaries across Asia and Arab region.
Multiple successful completions of security projects for subsidiaries in the region.
Ability to manage cross-functional teams and drive change in complex environments.
(Preferred) Additional Language Proficiency
Additional language capabilities are considered an asset for regional communication and collaboration.
#J-18808-Ljbffr
Information Security Manager -Security Operations
Posted today
Job Viewed
Job Description
Information Security Manager – Security Operations
We are partnering with a leading organization in Singapore seeking a
hands‐on Information Security Manager
to drive and execute security operations across the business. This is not just a leadership role – we’re looking for someone who is deeply involved in the day‐to‐day running of security tools, incident response, threat detection, and proactive vulnerability management.
You’ll be on the front lines of defending the organization, working directly with SOC analysts, engineers, and IT teams to build and maintain a strong and responsive security posture.
Key Responsibilities
Take ownership of daily security operations, actively monitoring systems for potential threats and vulnerabilities.
Lead and directly participate in security incident detection, triage, investigation, and response.
Operate and fine‐tune SIEM (e.g., Splunk, Sentinel), EDR, IDS/IPS, and firewall tools.
Perform root‐cause analysis and drive corrective actions for security incidents.
Manage incident playbooks and ensure response processes are regularly tested and improved.
Run regular vulnerability scans and coordinate remediation efforts with IT and engineering teams.
Stay up‐to‐date with current threat landscapes and emerging attack techniques.
Work closely with DevOps and cloud engineers to identify and mitigate risks across infrastructure and applications.
Contribute to threat intelligence efforts and threat hunting initiatives.
Implement and enforce security controls aligned with standards such as
MAS TRM ,
PCI DSS , and
GDPR .
Support audit preparation, compliance checks, and risk assessments.
Maintain accurate documentation of security policies, procedures, and configurations.
Participate in risk remediation planning with key stakeholders.
Deliver practical, scenario‐based security training and awareness programs.
Actively engage with engineering and product teams to embed security into system architecture and CI/CD pipelines.
Collaborate with third‐party vendors, MSSPs, and law enforcement when necessary.
Advocate for security best practices across the organization.
Key Requirements
Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related discipline.
At least
5 years of hands‐on experience
in cybersecurity, with a strong background in operational security.
Minimum
2 years leading or managing a security function or team , ideally in a SOC or threat response environment.
Proven experience with tools such as
Splunk, Azure Sentinel, CrowdStrike, Palo Alto, Qualys, Nessus , etc.
Solid understanding of attack vectors, threat detection, and forensic techniques.
Familiarity with
cloud security practices
(AWS, Azure, GCP).
Strong knowledge of regulatory and compliance standards relevant to the Singapore financial sector (e.g., MAS TRM).
#J-18808-Ljbffr
CISO to Associate CISO To Information Security Manager(Hands On)
Posted today
Job Viewed
Job Description
Location:
CBD, Singapore
Contract:
1-year (extendable)
Salary:
S$8k-$10k / month
Experience:
5 years (Insurance sector preferred)
About the Role
Our client is looking for an experienced
CISO / IT Security Lead
to take charge of the company’s information security strategy. You will work closely with the Chief Information & Technology Officer (CITO) and other leaders to protect the company’s data, reduce cyber risks, and ensure IT security aligns with business goals.
This is a senior role that combines
strategy, policy-making, risk management, and hands-on oversight of cybersecurity operations.
Job scope
Security Strategy & Leadership
• Develop and roll out company-wide IT security strategies and policies.
- Advise senior management on cyber risks and security matters.
- Ensure all departments follow the company’s security standards.
Risk & Compliance
• Conduct risk assessments for internal systems and external vendors
(Hands-on) . - Ensure compliance with industry and regulatory standards (e.g. MAS TRM, ISO 27001).
- Lead audits and reviews of security practices
(Hands-on)
Operations & Performance
• Manage the IT security budget effectively. - Track and report key performance metrics (e.g. downtime, incident response, vendor SLAs)
(Hands-on if directly reviewing raw reports/logs instead of only relying on summaries) . - Prepare business cases for new security investments.
Cybersecurity & Incident Response
• Oversee cybersecurity programs for threat detection and response. - Lead investigations and coordinate actions during security incidents
(Hands-on) . - Report on security posture and improvements
(Hands-on if gathering/analyzing data personally)
Technology & Innovation
• Stay updated on new security technologies and trends. - Recommend and implement controls for new IT projects
(Hands-on) . - Drive continuous improvement in security processes.
Requirements
Degree in Computer Science, IT, Information Security, or similar.
Security certifications (e.g. CISSP, CISM, CISA, CRISC, CCSP) preferred.
5 years hands on in IT security, including at least 5 years in a management or CISO role.
Added advantage: - Experience in insurance industries is a plus.
Other skill Set
Strong knowledge of cybersecurity standards and regulations.
Leadership skill set
Key Deliverables
Annual security strategy and risk report.
Quarterly risk reviews and dashboards for management.
Regular updates on security program effectiveness.
Budget and KPI performance reports.
Benefits:
Stable management and a very attractive package for the suitable candidate.
#J-18808-Ljbffr
CISO to Associate CISO To Information Security Manager(Hands On)
Posted 7 days ago
Job Viewed
Job Description
Location: CBD, Singapore Contract: 1-year (extendable) Salary: S$8k-$10k / month Experience: 5 years (Insurance sector preferred)
About the Role
Our client is looking for an experienced CISO / IT Security Lead to take charge of the company’s information security strategy. You will work closely with the Chief Information & Technology Officer (CITO) and other leaders to protect the company’s data, reduce cyber risks, and ensure IT security aligns with business goals.
This is a senior role that combines strategy, policy-making, risk management, and hands-on oversight of cybersecurity operations.
Job scope
1. Security Strategy & Leadership
• Develop and roll out company-wide IT security strategies and policies. • Advise senior management on cyber risks and security matters. • Ensure all departments follow the company’s security standards.
2. Risk & Compliance
• Conduct risk assessments for internal systems and external vendors (Hands-on) • Ensure compliance with industry and regulatory standards (e.g. MAS TRM, ISO 27001). • Lead audits and reviews of security practices (Hands-on)
3. Operations & Performance
• Manage the IT security budget effectively. • Track and report key performance metrics (e.g. downtime, incident response, vendor SLAs) (Hands-on if directly reviewing raw reports/logs instead of only relying on summaries) • Prepare business cases for new security investments.
4. Cybersecurity & Incident Response
• Oversee cybersecurity programs for threat detection and response. • Lead investigations and coordinate actions during security incidents (Hands-on) • Report on security posture and improvements (Hands-on if gathering/analyzing data personally)
5. Technology & Innovation
• Stay updated on new security technologies and trends. • Recommend and implement controls for new IT projects (Hands-on) • Drive continuous improvement in security processes.
RequirementsDegree in Computer Science, IT, Information Security, or similar.Security certifications (e.g. CISSP, CISM, CISA, CRISC, CCSP) preferred.5 years hands on in IT security , including at least 5 years in a management or CISO role.Added advantage:
Experience in insurance industries is a plus.
Other skill Set
Strong knowledge of cybersecurity standards and regulations.Leadership skill setKey Deliverables
Annual security strategy and risk report.Quarterly risk reviews and dashboards for management.Regular updates on security program effectiveness.Budget and KPI performance reports.BenefitsStrong n stable management and very attrative package for the suitable candidateBusiness Information Security Risk Manager
Posted today
Job Viewed
Job Description
Overview
Business Information Security Risk Manager
role at
Mizuho . Mizuho Bank is seeking an experienced Information Security Risk professional to lead information security risk management strategy for the major, multi-year technology transformation program of Core Banking systems and related applications, covering integration, deployment and data migration across Mizuho APAC for CASA, Lending, Cash / Payment, and Trade Finance business functionalities. Reporting to Regional Risk & Control (RRC) and accountable to the Core Banking Program’s Accountable Executive (AE), the Business Information Security Risk Manager will support regional risk governance ensuring effective identification, assessment, mitigation and reporting of information security risks for the Core Banking portfolio. This role requires close collaboration with the AE, CISO and business stakeholders across the region, ensuring adoption of security measures and their consistent integration and execution for Mizuho APAC.
Responsibilities
Serve as the primary liaison between program stakeholders, IT security and the business units to ensure security requirements are integrated into the core banking projects and business processes
Have deep and broad familiarity with Cyber Hygiene, Application Security and Information Security domains to identify, evaluate, secure and manage risks in core banking environments, including enterprise integration, data protection, operational process and third party / vendor risks
Collaborate with legal, audit, assurance and compliance teams to align security risk management with organizational and regulatory requirements
Risk Management
Conduct application threat modeling to identify security weaknesses and vulnerabilities, even without detailed standards or elaborate guidance
Perform compliance review and risk analysis covering IT security and information control areas, and clearly articulate security risk in business context
Evaluate risk mitigation options and influence practical mitigation strategies tailored to core banking architecture and processes, ensuring they are technically feasible and commercially defensible
Provide guidance and consultative support to the program regarding security risk, compliance and best practices
Stay current with industry trends, regional cyber laws, emerging threats and best practices to continuously improve the organization risk posture
Risk Reporting
Own and manage Security Risk Register for the program ensuring ongoing risk identification, mitigation and reporting to senior management and risk committees
Communicate risk policies, findings, recommendations and security posture to stakeholders, including preparing consolidated written reports for senior leadership and relevant committees
Regulatory Compliance
Provide advisory to ensure that all compliance requirements relevant to internal risk management framework and banking regulations across APAC (e.g. MAS, HKMA, etc.) can be met
IT / Risk Governance
Oversee compliance with secure software development lifecycle (SDLC) practices, including secure coding and deployment, security testing, vulnerability management and relevant IT risk management processes
Operate and uplift existing risk management framework and their supporting processes, where required, to address control gaps and effectiveness issues
Organizational Competency
Able to build and maintain strong working relationships with a diverse set of stakeholders within and across the IT and business departments
Able to manage work in a fast-moving, high-pressure environment and balancing multiple work activities
Culturally aware to work well with project teams, including with teams who are based offshore or in different geographical locations
Requirements / Skills and Qualifications
Bachelor’s or Master’s degree in Computer Science, Information Security, Software Engineering, or related field
Professional certifications, such as CISSP, CRISC or CISM, are preferred
Minimum 11 years’ experience in the banking / financial services industries focused on information security and risk related functions
Strong technical expertise in Cybersecurity principles, threat management, and security frameworks with deep understanding of core banking systems, architecture, operations and security challenges
Strong knowledge of application security tools, e.g. SAST/DAST, SCA, secure coding practices and vulnerability management
Demonstrated business acumen with the ability to understand and align security initiatives with business processes and objectives, or proven experience in a BISO role to balance business objectives with security requirements
In-depth knowledge and practical understanding of information security risk management frameworks, standards and methodologies (e.g. ISO 27001, COBIT, NIST, OWASP, MITRE, etc.)
Proven experience in risk assessment methodologies, GRC (Governance, Risk and Compliance) tools, policy development, compliance management, and risk reporting
Familiarity with regulatory requirements and compliance standards relevant to banking across Asia Pacific jurisdictions (e.g. MAS, HKMA, RBI, etc.)
Experience in DevSecOps and Public Cloud Technology stacks / security models (AWS, Azure or Google Cloud) are desirable
Personal Attributes
Analytical mindset with strong problem-solving skills
Proactive, self-motivated and resourceful
Assertive, adaptable and self-aware
Able to work in a fast-paced, regulated environment
Excellent communication and interpersonal skills, able to articulate and summarize complex thoughts and analytics to various stakeholders, including non-technical audience of various levels
Excellent stakeholder management and project management skills
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Project Management and Information Technology
#J-18808-Ljbffr
Data Protection
Posted today
Job Viewed
Job Description
Stellar Link has partnered with an established global organisation to look for a Manager/ Consultant to join their Data Protection & Privacy team. The successful candidate will play a key role in safeguarding information assets, ensuring compliance with privacy regulations, and embedding a strong data protection culture across the business.
What You'll Do- Design and roll out data protection and privacy frameworks tailored to business needs.
- Monitor and review practices to ensure regulatory and contractual compliance.
- Manage investigations into data incidents and advise on corrective actions.
- Develop and deliver awareness programs and training on data privacy.
- Prepare reports and contribute to audits and reviews.
- Mentoring of team members
- At least 5 years' experience in risk, compliance, or governance roles, with 2 years focusing on data privacy or data protection.
- Solid understanding of privacy regulations and governance practices.
- Comfortable leading initiatives while mentoring junior staff.
Be The First To Know
About the latest Information security manager Jobs in Singapore !
Project Manager - Information Security
Posted today
Job Viewed
Job Description
Overview
Join to apply for the
Project Manager - Information Security
role at
Shopee .
Responsibilities
Drive the planning, execution, and monitoring of information security projects.
Track project progress, identify risks, and develop mitigation strategies.
Coordinate with project stakeholders, including security engineers, developers and SREs.
Collaborate with IT compliance to address compliance-related issues and ensure that projects are aligned with regulatory requirements.
Analyse existing processes, identify areas for improvement, optimise workflows, and implement changes.
Qualifications
Bachelor's degree or higher in Computer Science, Information Security, or a related field.
Strong project management skills, including planning, organising, and time management.
Excellent communication and interpersonal skills.
Demonstrates a keen interest in, and understanding of information security or cybersecurity.
Self-driven with the ability to work independently and as part of a team.
Job details
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Internet Marketplace Platforms and Technology, Information and Internet
Note: This description focuses on the role responsibilities and required qualifications. Boilerplate referrals or unrelated role listings have been removed.
#J-18808-Ljbffr
Data Protection Officer
Posted today
Job Viewed
Job Description
COMPANY DESCRIPTION
THKMC was incorporated on 13 October 2011 as a charity to provide multiple social and welfare services to the community at large, and achieved an Institute of Public Character (IPC) status on 18 November 2011. THKMC is the charitable arm of Thye Hua Kwan Moral Society, which lives by the mission - To Serve Mankind - to help anyone who needs help regardless of their race, religion, colour, language, creed and culture. THKMC today serves more than 70,000 beneficiaries through more than 70 programmes across five Services, which include Disability, Early Intervention for Children, Family, Seniors' Community, and Therapy.
DESIGNATION : Data Protection Officer
RESPONSIBILITIES
As the Data Protection Officer in THK Disability Services Division, you will be part of a multi-disciplinary team that works with clients with special needs (primarily Intellectual Disability, Autism Spectrum Disorder, mental health concerns and other disabilities). You will review and manage data protection for the Homes and Centres in THK Disability Services (THK DS). You will also support THKMC's corporate Data Protection Officer.
Key Responsibilities
- Data Protection Policies Implementation: Assist with implementing THKMC data protection policies and providing guidance to the management and staff of THK DS in the areas of data protection and privacy
- Data Protection Practice Reviews: Assist with reviews to ensure privacy and data protection compliance and proactively address potential privacy and data protection issues
- Compliance Monitoring: Monitor and report on service-level compliance with data protection policies.
- Data Subject Requests: Efficiently manage and respond to data subject access requests within legal timeframes.
- Liaison: Facilitate communication between the service teams and the Corporate DPO, ensuring alignment of data protection efforts.
- Documentation: Maintain and update detailed records of data processing activities at the service level.
- Authority: Access to service-level data and systems for monitoring and investigative purposes.
- Reporting: Reports to the Corporate DPO and service managers, including metrics and compliance status.
- Any other duties: Assist with ad-hoc projects and consultations
QUALIFICATIONS
- Recognised degree in any field
- At least 1 year of experience in any of these areas - data governance, data privacy, data risk and compliance, IT security, IT audit.
- Be well spoken, resourceful and a team player who has the confidence and maturity to interact effectively with all levels of staff within the firm.
- Strong analytical and problem-solving skills with an eye for detail and accuracy
- Possess a high level of resilience and positive work attitude
- Willingness to learn and deliver timely and quality results to internal stakeholders
- Good writing skills (English) is a plus
OTHER INFORMATION
- Work Location: Eunos (opposite Eunos station)
Data Protection Officer
Posted today
Job Viewed
Job Description
COMPANY DESCRIPTION
THK MC was incorporated on 13 October 2011 as a charity to provide multiple social and welfare services to the community at large, and achieved an Institute of Public Character (IPC) status on 18 November 2011. THK MC is the charitable arm of Thye Hua Kwan Moral Society, which lives by the mission - To Serve Mankind - to help anyone who needs help regardless of their race, religion, colour, language, creed and culture. THK MC today serves more than 70,000 beneficiaries through more than 70 programmes across five Services, which include Disability, Early Intervention for Children, Family, Seniors' Community, and Therapy.
RESPONSIBILITIES
As the Data Protection Officer in THK Disability Services Division, you will be part of a multi-disciplinary team that works with clients with special needs (primarily Intellectual Disability, Autism Spectrum Disorder, mental health concerns and other disabilities). You will review and manage data protection for the Homes and Centres in THK Disability Services (THK DS). You will also support THKMC's corporate Data Protection Officer.
Key Responsibilities
- Data Protection Policies Implementation: Assist with implementing THKMC data protection policies and providing guidance to the management and staff of THK DS in the areas of data protection and privacy
- Data Protection Practice Reviews: Assist with reviews to ensure privacy and data protection compliance and proactively address potential privacy and data protection issues
- Compliance Monitoring: Monitor and report on service-level compliance with data protection policies.
- Data Subject Requests: Efficiently manage and respond to data subject access requests within legal timeframes.
- Liaison: Facilitate communication between the service teams and the Corporate DPO, ensuring alignment of data protection efforts.
- Documentation: Maintain and update detailed records of data processing activities at the service level.
- Authority: Access to service-level data and systems for monitoring and investigative purposes.
- Reporting: Reports to the Corporate DPO and service managers, including metrics and compliance status.
- Any other duties: Assist with ad-hoc projects and consultations
QUALIFICATIONS
- Recognised degree in any field
- At least 1 year of experience in any of these areas - data governance, data privacy, data risk and compliance, IT security, IT audit.
- Be well spoken, resourceful and a team player who has the confidence and maturity to interact effectively with all levels of staff within the firm.
- Strong analytical and problem-solving skills with an eye for detail and accuracy
- Possess a high level of resilience and positive work attitude
- Willingness to learn and deliver timely and quality results to internal stakeholders
- Good writing skills (English) is a plus
OTHER INFORMATION
- Work Location: Eunos (opposite Eunos station)
Please note that your application will be sent to and reviewed by the direct employer - Thye Hua Kwan Moral Charities