238 Information Security Manager jobs in Singapore

Founded by Changpeng Zhao (CZ) in 2017, Binance is currently the largest cryptocurrency exchange in terms of daily volume. Binance is the core global exchange. However, Binance operates separate exchanges in some countries such as the US, UK, Singapore, and Turkey due to regulatory reasons.

Since Binance has global operations, the exchange does a lot of hiring on a regular basis. Being a market leader, Binance Jobs also come with significant perks. Most of the jobs are remote, with flexible working hours. Binance also offers health insurance, the option to be paid in crypto, and programs to develop your skills.

Binance is the leading global blockchain ecosystem and cryptocurrency infrastructure provider whose suite of financial products includes the world’s largest digital-asset exchange. Our mission is to accelerate cryptocurrency adoption and increase the freedom of money. If you’re looking for a fast-paced, mission-driven organization where opportunities to learn and excel are endless, then Binance is the place for you. We are seeking an Information Security Governance Manager to be responsible for implementing a comprehensive and consistent security governance and compliance strategy across the organization to protect and manage its technology and data related information security risks. The candidate will be responsible for coordinating, identifying gaps, providing guidance and establishing end to end security governance to ensure effective internal controls are implemented to achieve data privacy, security, reliability and resilience that meets compliance and local regulatory requirements.

Responsibilities

• Support the delivery of global security governance and compliance strategies.
• Manage and maintain a security compliance framework across global entities that can align to Binance’s compliance and internal audits requirements.
• Develop, manage and maintain effective information security policies, processes, standards and procedures.
• Lead and support ISO 27001, PCI-DSS, SOC 2 Type 1/2 and other security compliance projects.
• Develop maturity model and track information security controls.
• Internal first point of contact for general security enquiries. Proactively approach and support internal stakeholders across global entities.
• Establish and maintain global security governance and compliance process.
• Respond to security questionnaires from internal/external security audits and organize/document the common answers and approaches for future audits.
• Facilitate security risk management within the business units.
• Establish and maintain information risk metrics to highlight information assets that have the highest risk exposure.
• Conduct regular reviews of remediation actions and report to business and technology senior management.

Requirements

• Bachelor's degree or higher in information technology, cyber security or related field.
• 5+ years of experience in a security governance role.
• Strong leadership and excellent communication skills.
• Understanding of information risk, security control, data privacy related regulations (e.g. CCPA, SG PDPA, EU GDPR, China Cybersecurity law) within the financial services and banking industry.
• Strong knowledge and practical working experiences in delivering global projects of international data privacy and information security frameworks including NIST Cybersecurity & Privacy Framework, ISO 27001, ISO 27701, CIS, SOC 2 Type 1/2 Report, PCI-DSS and ISAE 3000.
• Demonstrable work experience delivering effective business and technical security solutions, processes, tools, and high performing teams.
• A good working knowledge of the latest information technology security trends and emerging threats is essential.
• Experience of implementing risk management principles and methodologies within a security or technology function.
• Good project management experience and skills.
• Strong analytical and problem-solving skills are a must-have.
• Having one of the below security or privacy qualifications is a plus - CISSP, CISM, CISA, CEH, SANS, CCSP, ISO 27001 Lead Auditor, IAPP CIPP / CIPM.
• An understanding of cloud infrastructure technologies and associated risks would be beneficial.

Working at Binance

• Be a part of the world’s leading blockchain ecosystem that continues to grow and offers excellent career development opportunities.
• Work alongside diverse, world-class talent in an environment where learning and growth opportunities are endless.
• Tackle fast-paced, challenging and unique projects.
• Work in a truly global organization, with international teams and a flat organizational structure.
• Competitive salary and benefits.
• Flexible working hours, remote-first, and casual work attire.

Learn more about how Binancians embody the organization’s core values , creating a unified culture that enables collaboration, excellence, and growth. Apply today to be a part of the Web3 revolution! Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success. By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice .

#J-18808-Ljbffr

Get AI-powered advice on this job and more exclusive features.

The IT Security Manager supports the Head of IT Security in driving governance, risk management, and cyber defence initiatives to safeguard Maybank’s technology landscape.

Responsibilities:-

1. IT Security Assessments

• Perform technical security assessments across infrastructure, applications, and cloud environments.
• Provide expert guidance on security architecture and cloud security best practices.
• Evaluate systems to ensure compliance with security requirements and industry standards.

2. IT Security Governance

• Review and enforce IT security standards, procedures, and policies.
• Assess IT practices to ensure alignment with security frameworks and regulatory requirements.
• Maintain adherence of security processes and recommend improvements.

3. IT Security Technologies

• Manage and operate various security tools and platforms, including but not limited to:
• Breach and Attack Simulation (BAS)
• Control Validation Tools
• Active Directory Security (AD)
• Endpoint Detection and Response (EDR)
• Network Detection and Response (NDR)
• Provide technical expertise on the deployment, integration, and optimisation of security solutions.

4. IT Security Program Management

• Lead key security projects and initiatives from planning to execution.
• Act as the point of contact for security tool deployments and technology rollouts.
• Organise and execute cybersecurity exercises, including training and awareness programs for stakeholders.

5. Remediation Management

• Lead critical remediation programs to strengthen the organisation’s security posture.
• Plan, strategize, and implement corrective actions based on risk assessments and security findings.
• Collaborate with cross-functional teams to drive timely resolution of identified security gaps.

Requirements:

• Bachelor’s degree in a relevant field with at least 7 years of experience in IT security compliance and governance.
• Mandatory: CISSP certification
• Preferred: CISM, CISA, SANS, OSCP (highly regarded).
• Strong knowledge of IT security concepts, best practices, and regulatory requirements.
• Familiarity with the current cyber threat landscape, including Cyber Defence, MITRE ATT&CK, and threat-control mapping methods.
• Deep understanding of attack methodologies and defines strategies using IT security tools and products.
• Experience in secure systems development lifecycle (SDLC) assessments and security testing before deployment.
• Hands-on experience conducting cybersecurity assessments, gap analyses, and cyber drills.
• Ability to develop strategic security roadmaps and deliver comprehensive assessment reports with actionable recommendations.
• Extensive experience with certification and audit processes, including systems compliance best practices.
• Knowledge of application security and data analytics is an advantage.
• Strong communication and collaboration skills, with experience working in cross-functional teams.

Only shortlisted candidate will be notified.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Project Management, Quality Assurance, and Accounting/Auditing
• Industries Information Services, Banking, and Financial Services

Referrals increase your chances of interviewing at Maybank by 2x

Sign in to set job alerts for “Information Technology Security Manager” roles. Deputy Head (IT Compliance), Chief Information Office Executive Director, Head of IT Security & Risk Management Deputy Director (IT Infrastructure System Management) Head of IT infrastructure - Foreign Corporate Bank Executive Director - Head of IT Compliance Assistant Director, Technology & Innovation Director of Information Technology and Telecommunications Director-IT Business Partnerships (Retail) Director of Infrastructure & Cloud - Retail Chief Technology Officer (CTO) with Financial Institution Director of Applications & Enterprise Systems Chief Technology Officer, Public Sector, Google Cloud, APAC Deputy Director, Technology & Cyber Risk Supervision (CII Oversight) IT Manufacturing Systems Director - Global Enterprise Manager, Security Operations Centre (SOC)

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Direct message the job poster from Ensign InfoSecurity

Join Us - Ensign InfoSecurity! | Conquer the Unknown | IHRP-CP

• Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement, to identify any weak points that might make information systems vulnerable to attack
• Develop and manage security strategies, develop policies that encourage secure working and protect data
• Implement, document and drive the adoption of framework, processes and procedures in accordance with security strategies to deliver desired security objectives
• Take ownership of the security and compliance function of the project
• Communicate information security goals and new programs effectively
• Oversee information security audits performed by organization or third-party personnel
• Lead team members for security operations
• Serve as a focal point of contact for the information security team and the customer or organization
• Implement and oversee technological upgrades, improvements and major changes to the information security environment
• Conduct information security awareness training to personnel
• Coordinate staff when responding to security incidents
• Investigate and resolve security incidents
• Review security and breach report
• Report to customer or organization management on security status

The ideal candidate should possess:

• Proven understanding of information security risk assessment and risk management procedures and methodologies.
• Ability to correlate enterprise risk with appropriate administrative, physical and technical security controls.
• Strong understanding and knowledge of security principles, standards, and processes, such as authentication and access control, infrastructure hardening, network traffic analysis, endpoint security, platform architecture, application security, encryption and key management, cloud security, etc.).
• Working knowledge of UNIX and Windows operating systems.
• Excellent verbal and written communication skills.
• Professional certifications such as CISM, CISSP, CRISC or CISA would be an advantage

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Computer and Network Security

Referrals increase your chances of interviewing at Ensign InfoSecurity by 2x

Get notified about new Information Technology Security Manager jobs in Kallang, Central Singapore Community Development Council, Singapore .

Senior Vice President, Head of Technology Governance Deputy Director (IT Infrastructure System Management) Head of Business Process Excellence and IT Chief Technology Officer, Public Sector, Google Cloud, APAC Director of IT Infrastructure and Development

Geylang, Central Singapore Community Development Council, Singapore 2 months ago

Global Chief Technology Officer (CTO), Manufacturing Vice President, Digital Incident & Service Request Management, Consumer Banking Group Director of Applications & Enterprise Systems VP - Technology - IT Operations and Support (SRE) SVP, End User Infrastructure Manager, Technology Group 16413

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

We are representing our client, a healthcare group, in searching for an experienced Information Security professional to augment their existing team.Responsibilities 1. Assist in Strategy Development and Project Security Consulting

• Provide support to the Head of Department in the development and implementation of robust cybersecurity strategies aligned with organizational objectives and regulatory mandates.
• Offer expertise and guidance in security consulting for various projects across hospitals, clinics, and corporate offices, ensure that cybersecurity checklists are completed, and ensure that considerations are integrated seamlessly into all stages of project planning and execution.
• Gather report, compile statistics, and deliver a presentation on threats detected and risk trends

2. Cybersecurity Project Management

• Lead and oversee security proof of concept (PoC) projects to evaluate and validate the effectiveness of new security technologies and solutions before full-scale implementation.
• Lead and manage cybersecurity projects, including the implementation of new security technologies, tools, and processes.

3. Threat Intelligence, Threat Hunting, and Proactive Monitoring

• Conduct proactive monitoring of internal alerts and emerging threats using existing security tools.
• Perform manual threat hunting to identify and address potential security risks promptly, and collaborate with partners to ensure that true positive is mitigated promptly.
• Continuously analyse and respond to security alerts, antivirus software, network detection and response systems, and external assets surface management (EASM) solutions.
• Keep up-to-date with the latest cybersecurity threats, trends, and technologies, with extra attention on Asia region and the healthcare sector.

4. Security Operations Management

• Oversee daily security operations, including monitoring, detection, incident response, and threat management. Ensure alerts raised from the Group Centre of Excellence (COE) are addressed and closed, especially alerts on endpoint detection and response (EDR).
• Perform annual evaluations of USB access controls to ensure that access controls are regularly reviewed and adjusted as needed to maintain endpoint security resilience.
• Ensure that all IT cybersecurity contracts are reviewed and renewed promptly to prevent service disruptions and maintain continuous protection of the company’s assets.
• Participate in and perform role-play scenarios during ad-hoc cyber drills exercise
• Work closely with the Group COE on cybersecurity-related tasks.

5. Incident Response Management

• Coordinate all aspects of incident response, from initial detection to resolution, encompassing investigation, containment, remediation, and reporting of security incidents.
• Conduct thorough pre- and post-incident analysis to identify root causes and contributing factors, and implement necessary improvements to prevent future occurrences.
• Collaborate closely with the Group SOC Team Lead to address any true positive cases, ensuring a timely and effective response to security incidents across the organization.

6. Vulnerability, Risk, and Penetration Test Management

• Review the execution of periodic/ad-hoc vulnerability and penetration tests within agreed scopes with the application owner. Ensure that test findings are promptly remediated before the project goes live with relevant stakeholders.
• Conduct quarterly VA security assessments with the Group COE VA Team to ensure applications are compliant with industry best practices. (i.e: NIST, ISO27001). Manage the identification, assessment, and mitigation of security vulnerabilities and risks. Ensure critical and high findings are addressed within the specified timeline.
• Assist Group COE during the annual exercise on Dynamic Assessment Security Testing (DAST) and security configuration reviews. Work closely with respective stakeholders for information gathering and remediation fixes within the specified timeline.
• Prepare quarterly risk statistics and trends both for in-country and group levels.

7. Regulatory Compliance and Audits

• Ensure the company’s compliance with relevant cybersecurity regulations and standards (e.g., PII, PCIDSS).
• Prepare and participate in security audits and assessments, both internally and externally.
• Engage stakeholders to address the audit findings promptly, facilitating discussions and providing necessary guidance and support.
• Follow up with stakeholders to ensure the timely resolution of identified issues and alignment with established policies and standards.
• Work with the Group COE governance and compliance team to refine policies and standards based on Singapore regulations and hardening baselines based on industry best practices.

Requirements:

• Cybersecurity and IT Risk management professional certificates from ISC2 or ISACA are preferred
• Minimum 5 years, in a combination of multi-disciplinary IT/Security Operations with minimum of 3 years in cybersecurity.
• Experience and knowledge of cybersecurity threats, tools, and best practices (e.g. ISO270001, NIST).
• Experience and knowledge of cloud security are preferred.
• Experience and understanding of IT operations and processes.
• Understanding of Hospital Information systems will be advantageous, especially in Singapore healthcare.
• Knowledge and experience in applying software patches based on product company advisories, e.g. Microsoft security patches.
• Experience in working for a demanding security operations Centre with multiple tracks
• Knowledge of Security Standards and Frameworks, including MITRE & ATT&CK, ISO 27001:2013, Data Protection etc
• Proficient in Information Security Management Systems (ISMS), cybersecurity, and technology risk management
• Experience in working with third-party vendors and vendor management
• Proficient in working with vendors for the successful implementation of large turnkey projects with due diligence, risk management, and quality ensured

#J-18808-Ljbffr

We are assisting our reputable client, a healthcare group, in searching for an experienced Information Security professional to augment their existing team.

Responsibilities

1. Assist in Strategy Development and Project Security Consulting

• Provide support to the Head of Department in the development and implementation of robust cybersecurity strategies aligned with organizational objectives and regulatory mandates.
• Offer expertise and guidance in security consulting for various projects across hospitals, clinics, and corporate offices, ensure that cybersecurity checklists are completed, and ensure that considerations are integrated seamlessly into all stages of project planning and execution.
• Gather report, compile statistics, and deliver a presentation on threats detected and risk trends

2. Cybersecurity Project Management

• Lead and oversee security proof of concept (PoC) projects to evaluate and validate the effectiveness of new security technologies and solutions before full-scale implementation.
• Lead and manage cybersecurity projects, including the implementation of new security technologies, tools, and processes.

3. Threat Intelligence, Threat Hunting, and Proactive Monitoring

• Conduct proactive monitoring of internal alerts and emerging threats using existing security tools.
• Perform manual threat hunting to identify and address potential security risks promptly, and collaborate with partners to ensure that true positive is mitigated promptly.
• Continuously analyse and respond to security alerts, antivirus software, network detection and response systems, and external assets surface management (EASM) solutions.
• Keep up-to-date with the latest cybersecurity threats, trends, and technologies, with extra attention on Asia region and the healthcare sector.

4. Security Operations Management

• Oversee daily security operations, including monitoring, detection, incident response, and threat management. Ensure alerts raised from the Group Centre of Excellence (COE) are addressed and closed, especially alerts on endpoint detection and response (EDR).
• Perform annual evaluations of USB access controls to ensure that access controls are regularly reviewed and adjusted as needed to maintain endpoint security resilience.
• Ensure that all IT cybersecurity contracts are reviewed and renewed promptly to prevent service disruptions and maintain continuous protection of the company’s assets.
• Participate in and perform role-play scenarios during ad-hoc cyber drills exercise
• Work closely with the Group COE on cybersecurity-related tasks.

5. Incident Response Management

• Coordinate all aspects of incident response, from initial detection to resolution, encompassing investigation, containment, remediation, and reporting of security incidents.
• Conduct thorough pre- and post-incident analysis to identify root causes and contributing factors, and implement necessary improvements to prevent future occurrences.
• Collaborate closely with the Group SOC Team Lead to address any true positive cases, ensuring a timely and effective response to security incidents across the organization.

6. Vulnerability, Risk, and Penetration Test Management

• Review the execution of periodic/ad-hoc vulnerability and penetration tests within agreed scopes with the application owner. Ensure that test findings are promptly remediated before the project goes live with relevant stakeholders.
• Conduct quarterly VA security assessments with the Group COE VA Team to ensure applications are compliant with industry best practices. (i.e: NIST, ISO27001). Manage the identification, assessment, and mitigation of security vulnerabilities and risks. Ensure critical and high findings are addressed within the specified timeline.
• Assist Group COE during the annual exercise on Dynamic Assessment Security Testing (DAST) and security configuration reviews. Work closely with respective stakeholders for information gathering and remediation fixes within the specified timeline.
• Prepare quarterly risk statistics and trends both for in-country and group levels.

7. Regulatory Compliance and Audits

• Ensure the company’s compliance with relevant cybersecurity regulations and standards (e.g., PII, PCIDSS).
• Prepare and participate in security audits and assessments, both internally and externally.
• Engage stakeholders to address the audit findings promptly, facilitating discussions and providing necessary guidance and support.
• Follow up with stakeholders to ensure the timely resolution of identified issues and alignment with established policies and standards.
• Work with the Group COE governance and compliance team to refine policies and standards based on Singapore regulations and hardening baselines based on industry best practices.

Requirements:

• Cybersecurity and IT Risk management professional certificates from ISC2 or ISACA are preferred
• Minimum 5 years, in a combination of multi-disciplinary IT/Security Operations with minimum of 3 years in cybersecurity.
• Experience and knowledge of cybersecurity threats, tools, and best practices (e.g. ISO270001, NIST).
• Experience and knowledge of cloud security are preferred.
• Experience and understanding of IT operations and processes.
• Understanding of Hospital Information systems will be advantageous, especially in Singapore healthcare.
• Knowledge and experience in applying software patches based on product company advisories, e.g. Microsoft security patches.
• Experience in working for a demanding security operations Centre with multiple tracks
• Knowledge of Security Standards and Frameworks, including MITRE & ATT&CK, ISO 27001:2013, Data Protection etc
• Proficient in Information Security Management Systems (ISMS), cybersecurity, and technology risk management
• Experience in working with third-party vendors and vendor management
• Proficient in working with vendors for the successful implementation of large turnkey projects with due diligence, risk management, and quality ensured

The Cyber Security Fusion Centre Response & Readiness Analyst is responsible for driving firm-wide effort to prepare, respond and recover from potential cyber threats and attacks. This role ensures the firm is globally prepared to respond to cyber incidents (resulting from a cyber or technology nexus). This is accomplished through proactive monitoring of emerging incidents, development and execution of cyber incident exercises, and review and maintenance of procedures and runbooks necessary to ensure an orderly response and recovery from cyber events. Incident Analyst operates a virtual war room and incident management function during events to ensure coordination, mitigation, and recovery from events in a timely manner. This role also provides a single source of consolidated information, and subsequent incident communication/notifications, including notifications to our external stakeholders and prudential regulators.

We are primarily looking for proactive and curious individuals to join our team to run exercises and activities to put our most senior leaders to the test, with the mission to keep Citi and Citi’s customers safe! In addition, the candidate will perform an active role in supporting the response to major incidents impacting the organization as and when required.

Responsibilities:

• Leads design, planning, coordination and execution of global cyber incident exercises.

• Engages country leadership, global business leaders and internal functional teams to assess requirements and identify opportunities to incorporate innovation and improve exercise scope.

• Analyzes and presents team outcomes to senior leadership, regulatory bodies and internal business stakeholders.

• Supports external exercising activities and client exercise/simulation engagement.

• Facilitate the coordination, communication and escalation response of major cyber incidents impacting our businesses, 3rd parties, vendors and clients.

• Serve as a liaison between the CISO, Business and 3rd Party oversight teams, promoting rapid escalation of cyber events and translating cyber technical details into laymen’s terms.

• Executes under crisis conditions regardless of the seniority of the audience, with a sense of urgency and mission.

• Monitor information sources, including, but not limited to – SIRTS, intelligence updates, major incident channels (ServiceNow), and external news sources – to triage and assess events that may impact Citi, our clients or 3rd parties.

Qualifications:

• Extensive of relevant experience with a focus on senior stakeholder engagement experience and Team leadership experience in leading exercise.

• Proven leadership Experience in Financial Services a positive

• Incident/Crisis management experience including Ownership, Assessment and initial support, Escalation/Notification, Business Impact Analysis, Resolution Tracking, Senior escalations

• Experience in exercise design, planning and execution.

• Excellent written and verbal communication skills required to influence and negotiate with senior leaders across functions (including experience in communications with external parties)

• Understanding of Project Management Standards and Stakeholder Management

• Desired professional qualifications: ISC2 Certified in Cybersecurity, Comptia Security+

Education:

• Bachelor’s degree/University degree or equivalent experience

In return, we offer:

• This position allows you to work in an international environment with senior management, giving you the opportunity to develop cooperation skills and communication with management and virtual teams from different regions, countries and cultures

• Competitive salary & social benefits (e.g. private healthcare care, Benefit System, life insurance)

• Work in a friendly and diversified environment, appreciating differences in style and perspective and using them to add value to decisions leading to organizational success

• A great environment for learning new technology and tools, online and instructor led training opportunities

• Working in a friendly, dynamic and multinational environment

• Opportunity to have an influence on the way you perform your tasks - our teams are constantly looking for new and better ways and we encourage all improvement ideas

• A chance to make a difference with various affinity networks and charity initiative

By joining Citi Singapore, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed) and enjoy a whole host of additional benefits that support you (and your family) to be well, live well and save well.

Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day. We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive.

Sounds like Citi has everything you need? Then apply to discover the true extent of your capabilities.

---

Job Family Group:

Technology

---

Job Family:

Information Security

---

Time Type:

Full time

---

Most Relevant Skills

Please see the requirements listed above.

---

Other Relevant Skills

For complementary skills, please see above and/or contact the recruiter.

---

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi .

View Citi’s EEO Policy Statement and the Know Your Rights poster.

#J-18808-Ljbffr

Primary Objectives of Position

Manage information security operations to ensure the safe use of information systems and assets, as well as protect information assets against cybersecurity threats.

Manage various stages of projects in conception and initiation, planning, execution, performance/monitoring, and project closure.

Job Responsibilities

• Establish, implement, and maintain a sustainable information security framework that effectively addresses evolving and diverse cybersecurity threats.

• Perform risk assessments on IT systems, networks, and applications for vulnerabilities and implement security controls to reduce risks to an acceptable level.

• Conduct information security audits to identify violations and inefficiencies, and recommend effective security controls.

• Hold management review and lessons learned meetings to improve information security measures and incident handling processes.

• Monitor security alerts/logs from IT systems, networks, and applications against baselines, and gather publicly available information to identify precursors or indicators of cybersecurity attacks.

• Contain and eradicate cybersecurity incidents effectively to prevent recurrence and restore systems to normal operations as quickly as possible.

• Publish security advisories, conduct security workshops, and share lessons learned to improve user awareness regarding information security matters.

• Oversee information security investigations with internal teams, funders, local authorities, and/or third-party providers.

• Participate in various meetings and share compliance/performance reports and audit findings with management teams.

• Liaise with internal and external stakeholders in implementing information security measures or projects.

• The above activities are not exhaustive and are subject to amendment as needed.

Job Requirements

Minimum Education / Qualifications

• Degree in Information Systems or equivalent.

Minimum Years of Relevant Experience

• At least 2 years of experience in setting up and managing information security operations.

Knowledge/Skills

• Experience in ISO27001 ISMS, CIS, and/or NIST frameworks.

• Experience managing threats, vulnerabilities, and incidents, with understanding of digital forensic investigations, tools, and processes.

• Knowledge of security protections, practices, or solutions like Firewall, IDS/IPS, network segmentation, DLP, WAF, NAC, WiFi security, cryptography, endpoint protection, OWASP, etc.

• Certifications in CISA, CISM, CISSP, and/or PMP are advantageous.

• Proficiency in Microsoft Office and other Windows and web applications.

Attributes (functional or leadership competencies)

• Meticulous and hands-on.

• Excellent communication and written skills.

• Strong analytical and problem-solving skills.

• Team player with excellent interpersonal skills and ability to multitask.

• Customer-centric and proactive.

#J-18808-Ljbffr

Get AI-powered advice on this job and more exclusive features.

Manage information security operation to ensure the safe use of information systems and assets as well as protect information assets against cybersecurity threats.

Manage various stages of projects in conception and initiation, planning, execution, performance/ monitoring, and project closure.

Job Responsibilities

• Establish, implement, and maintain a sustainable information security framework that effectively addresses evolving and diverse cybersecurity threats.

• Perform risk assessments on IT systems, network and applications for vulnerabilities and implement security controls to reduce identified risks to an acceptable level.

• Perform information security audits to determine security violations and inefficiencies and recommend effective security controls.

• Hold management review and lessons learned meetings to help improve information security measures and incident handling process.

• Monitor security alerts/ logs from IT systems, network and applications against baselines and gather publicly available information to identify precursors or indicators of cybersecurity attacks.

• Contain and eradicate cybersecurity incident effectively to prevent recurrence and restore systems and recover normal operations as quickly as possible.

• Publish security advisories, conduct security workshops, and share lessons learned to improve users’ awareness regarding information security matters.

• Oversee information security investigations with internal team, funders, and local authorities and/ or 3rd party providers.

• Participate in various meetings and share compliance/ performance reports and audit findings to Management teams.

• Liaise with internal and external stakeholders in implementing information security related measures or projects.

The above activities are no means exhaustive and are subjected to amendment whenever is needed.

Job Requirements

Minimum Education / Qualifications

• Degree in Information systems or equivalent.

Minimum Years of Relevant Experience

• 2 years’ experiences in setting up and managing information security operations.

Knowledge/Skills

• Experiences in ISO27001 ISMS, CIS, and/ or NIST frameworks.

• Experiences in managing threat, vulnerability and incident, and understanding in digital forensic investigation, tools, and processes.

• Knowledge in security protections, practices, or solutions like Firewall, IDS/ IPS, network segmentation, DLP, WAF, NAC, WiFi security, cryptography, endpoint protection, OWASP, etc.

• Certifications in CISA, CISM, CISSP and/ or PMP will be an advantage.

• Knowledgeable in Microsoft Office and other Windows and web applications.

Attributes (functional or leadership competencies)

• Meticulous and hands on.

• Excellent communication and written skills.

• Strong analytical and problem-solving skills.

• Team player with excellent interpersonal skills and multi-tasker.

• Customer-centric and proactive.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Civic and Social Organizations

Referrals increase your chances of interviewing at AWWA Ltd by 2x

Sign in to set job alerts for “Information Assistant” roles. Cash Processing Center (CPC) Admin - Batam

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

The Cyber Security Fusion Centre Response & Readiness Analyst is responsible for driving firm-wide effort to prepare, respond and recover from potential cyber threats and attacks. This role ensures the firm is globally prepared to respond to cyber incidents (resulting from a cyber or technology nexus). This is accomplished through proactive monitoring of emerging incidents, development and execution of cyber incident exercises, and review and maintenance of procedures and runbooks necessary to ensure an orderly response and recovery from cyber events. Incident Analyst operates a virtual war room and incident management function during events to ensure coordination, mitigation, and recovery from events in a timely manner. This role also provides a single source of consolidated information, and subsequent incident communication/notifications, including notifications to our external stakeholders and prudential regulators.
We are primarily looking for proactive and curious individuals to join our team to run exercises and activities to put our most senior leaders to the test, with the mission to keep Citi and Citi's customers safe! In addition, the candidate will perform an active role in supporting the response to major incidents impacting the organization as and when required.
**Responsibilities:**
+ Leads design, planning, coordination and execution of global cyber incident exercises.
+ Engages country leadership, global business leaders and internal functional teams to assess requirements and identify opportunities to incorporate innovation and improve exercise scope.
+ Analyzes and presents team outcomes to senior leadership, regulatory bodies and internal business stakeholders.
+ Supports external exercising activities and client exercise/simulation engagement.
+ Facilitate the coordination, communication and escalation response of major cyber incidents impacting our businesses, 3rd parties, vendors and clients.
+ Serve as a liaison between the CISO, Business and 3rd Party oversight teams, promoting rapid escalation of cyber events and translating cyber technical details into laymen's terms.
+ Executes under crisis conditions regardless of the seniority of the audience, with a sense of urgency and mission.
+ Monitor information sources, including, but not limited to - SIRTS, intelligence updates, major incident channels (ServiceNow), and external news sources - to triage and assess events that may impact Citi, our clients or 3rd parties.
**Qualifications:**
+ Extensive of relevant experience with a focus on senior stakeholder engagement experience and Team leadership experience in leading exercise.
+ Proven leadership Experience in Financial Services a positive
+ Incident/Crisis management experience including Ownership, Assessment and initial support, Escalation/Notification, Business Impact Analysis, Resolution Tracking, Senior escalations
+ Experience in exercise design, planning and execution.
+ Excellent written and verbal communication skills required to influence and negotiate with senior leaders across functions (including experience in communications with external parties)
+ Understanding of Project Management Standards and Stakeholder Management
+ Desired professional qualifications: ISC2 Certified in Cybersecurity, Comptia Security **Education:**
+ Bachelor's degree/University degree or equivalent experience
**In return, we offer:**
+ This position allows you to work in an international environment with senior management, giving you the opportunity to develop cooperation skills and communication with management and virtual teams from different regions, countries and cultures
+ Competitive salary & social benefits (e.g. private healthcare care, Benefit System, life insurance)
+ Work in a friendly and diversified environment, appreciating differences in style and perspective and using them to add value to decisions leading to organizational success
+ A great environment for learning new technology and tools, online and instructor led training opportunities
+ Working in a friendly, dynamic and multinational environment
+ Opportunity to have an influence on the way you perform your tasks - our teams are constantly looking for new and better ways and we encourage all improvement ideas
+ A chance to make a difference with various affinity networks and charity initiative
By joining Citi Singapore, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed) and enjoy a whole host of additional benefits that support you (and your family) to be well, live well and save well.
Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day. We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive.
Sounds like Citi has everything you need? Then apply to discover the true extent of your capabilities.
---
**Job Family Group:**
Technology
---
**Job Family:**
Information Security
---
**Time Type:**
Full time
---
**Most Relevant Skills**
Please see the requirements listed above.
---
**Other Relevant Skills**
For complementary skills, please see above and/or contact the recruiter.
---
_Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law._
_If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review_ _Accessibility at Citi ( _._
_View Citi's_ _EEO Policy Statement ( _and the_ _Know Your Rights ( _poster._
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.