886 Information Security Manager jobs in Singapore

Overview

Primary Objectives of Position

Manage security operation to ensure the safe use of IT systems and assets as well as protect against cybersecurity threats.

Manage various stages of projects in conception and initiation, planning, execution, performance/ monitoring, and project closure.

• Establish, implement and maintain a sustainable information security framework that effectively addresses evolving and diverse cybersecurity threats.
• Perform risk assessments on Information, Operational and Assistive Technologies for vulnerabilities and implement security controls to reduce identified risks to an acceptable level.
• Monitor security alerts/ logs from IT systems, network and applications against baselines and gather publicly available information to identify precursors or indicators of cybersecurity attacks.
• Contain and eradicate cybersecurity incident effectively to prevent recurrence and restore systems and recover normal operations as quickly as possible.
• Hold lessons learned meetings to help improve security measures and incident handling process.
• Publish security advisories, conduct security workshops and share lessons learned to improve users’ awareness regarding cybersecurity matters.
• Perform information security audits to determine security violations and inefficiencies and recommend effective security controls.
• Oversee information security investigations with internal team, funders and local authorities and/ or 3rd party providers.
• Participate in various meetings and share compliance/ performance reports and audit findings to Management teams.
• Undertake information security related projects.

The above activities are no means exhaustive and are subjected to amendment whenever is needed

• Degree in Information systems or equivalent

• 2 or more years’ experiences in setting up and managing information security operations.

• Familiar with ISO27001 ISMS, NIST and/ or CIS frameworks.
• Experiences in incident handling and understanding in digital forensic investigation, tools and processes.
• Experiences in security protections, practices or solutions like Firewall, IDS/ IPS, DLP, WAF, NAC, WiFi security, encryption, patch management, etc.
• CISA, CISM, CISSP and/ or PMP certifications will be an advantage.
• Knowledgeable in Microsoft Office and other Windows and web applications.

• Meticulous and hands on.
• Excellent communication and written skills.
• Strong analytical and problem-solving skills.
• Team player with excellent interpersonal skills and multi-tasker.
• Customer-centric and proactive

• Develop, implement, and manage the organization's information security strategy, policies, and procedures .
• Lead the design and enforcement of security controls to protect systems, networks, and data from cyber threats.
• Manage a team of security professionals, providing technical guidance, mentoring, and performance management .
• Oversee risk assessments, vulnerability management, penetration testing, and incident response .
• Ensure compliance with regulatory requirements, industry standards, and frameworks (e.g., ISO 27001, NIST, GDPR, PCI-DSS, HIPAA).
• Collaborate with IT, DevOps, and business teams to embed security into application development and infrastructure design .
• Manage security operations center (SOC) activities , including monitoring, threat detection, and escalation.
• Define, track, and report security KPIs and risk metrics to senior leadership.
• Evaluate, select, and implement security tools and technologies to strengthen organizational defenses.
• Lead security awareness and training programs to promote a strong security culture .

• Cybersecurity & Risk Management : Strong knowledge of threat modeling, risk assessment methodologies, incident response frameworks , and business continuity planning .
• Security Technologies : Hands-on expertise with firewalls, IDS/IPS, SIEM (Splunk, QRadar, ELK), EDR/XDR, DLP, IAM, PAM solutions, WAF, and CASB .
• Cloud Security : Proficiency in securing workloads on AWS, Azure, and GCP , including IAM, KMS, Cloud Security Posture Management (CSPM) .
• Application & Network Security : Experience in secure SDLC, DevSecOps practices, vulnerability management, penetration testing tools (Burp Suite, Metasploit, Nessus, Qualys) .
• Cryptography & Data Protection : Understanding of PKI, SSL/TLS, encryption protocols, key management, tokenization, and data masking .
• Governance, Risk & Compliance (GRC) : Familiarity with ISO 27001, SOC 2, NIST CSF, COBIT, GDPR, HIPAA, PCI-DSS frameworks.
• Incident Response & Forensics : Ability to manage SIEM alerts, digital forensics, malware analysis , and lead response teams during breaches.
• Scripting & Automation : Knowledge of Python, PowerShell, or Bash for automating security operations and log analysis.

• Security certifications such as CISSP, CISM, CISA, CEH, OSCP, CCSP, ISO 27001 Lead Implementer/Auditor .
• Experience in Zero Trust Architecture and container security (Docker, Kubernetes) .
• Knowledge of threat intelligence platforms and SOC automation (SOAR) .

Primary Objectives of Position

Manage security operation to ensure the safe use of IT systems and assets as well as protect against cybersecurity threats.

Manage various stages of projects in conception and initiation, planning, execution, performance/ monitoring, and project closure.

Job Responsibilities

• Establish, implement and maintain a sustainable information security framework that effectively addresses evolving and diverse cybersecurity threats.
• Perform risk assessments on Information, Operational and Assistive Technologies for vulnerabilities and implement security controls to reduce identified risks to an acceptable level.
• Monitor security alerts/ logs from IT systems, network and applications against baselines and gather publicly available information to identify precursors or indicators of cybersecurity attacks.
• Contain and eradicate cybersecurity incident effectively to prevent recurrence and restore systems and recover normal operations as quickly as possible.
• Hold lessons learned meetings to help improve security measures and incident handling process.
• Publish security advisories, conduct security workshops and share lessons learned to improve users' awareness regarding cybersecurity matters.
• Perform information security audits to determine security violations and inefficiencies and recommend effective security controls.
• Oversee information security investigations with internal team, funders and local authorities and/ or 3rd party providers.
• Participate in various meetings and share compliance/ performance reports and audit findings to Management teams.
• Undertake information security related projects.

The above activities are no means exhaustive and are subjected to amendment whenever is needed .

Job Specifications

Minimum Education / Qualifications

• Degree in Information systems or equivalent

Minimum Years of Relevant Experience

• 2 or more years' experiences in setting up and managing information security operations.

Knowledge/Skills

• Familiar with ISO27001 ISMS, NIST and/ or CIS frameworks.
• Experiences in incident handling and understanding in digital forensic investigation, tools and processes.
• Experiences in security protections, practices or solutions like Firewall, IDS/ IPS, DLP, WAF, NAC, WiFi security, encryption, patch management, etc.
• CISA, CISM, CISSP and/ or PMP certifications will be an advantage.
• Knowledgeable in Microsoft Office and other Windows and web applications.

Attributes (functional or leadership competencies)

• Meticulous and hands on.
• Excellent communication and written skills.
• Strong analytical and problem-solving skills.
• Team player with excellent interpersonal skills and multi-tasker.
• Customer-centric and proactive

Overview
Primary Objectives of Position
Manage security operation to ensure the safe use of IT systems and assets as well as protect against cybersecurity threats.
Manage various stages of projects in conception and initiation, planning, execution, performance/ monitoring, and project closure.
Responsibilities
Establish, implement and maintain a sustainable information security framework that effectively addresses evolving and diverse cybersecurity threats.
Perform risk assessments on Information, Operational and Assistive Technologies for vulnerabilities and implement security controls to reduce identified risks to an acceptable level.
Monitor security alerts/ logs from IT systems, network and applications against baselines and gather publicly available information to identify precursors or indicators of cybersecurity attacks.
Contain and eradicate cybersecurity incident effectively to prevent recurrence and restore systems and recover normal operations as quickly as possible.
Hold lessons learned meetings to help improve security measures and incident handling process.
Publish security advisories, conduct security workshops and share lessons learned to improve users’ awareness regarding cybersecurity matters.
Perform information security audits to determine security violations and inefficiencies and recommend effective security controls.
Oversee information security investigations with internal team, funders and local authorities and/ or 3rd party providers.
Participate in various meetings and share compliance/ performance reports and audit findings to Management teams.
Undertake information security related projects.
The above activities are no means exhaustive and are subjected to amendment whenever is needed
Job Specifications
Minimum Education / Qualifications
Degree in Information systems or equivalent
Minimum Years of Relevant Experience
2 or more years’ experiences in setting up and managing information security operations.
Knowledge/Skills
Familiar with ISO27001 ISMS, NIST and/ or CIS frameworks.
Experiences in incident handling and understanding in digital forensic investigation, tools and processes.
Experiences in security protections, practices or solutions like Firewall, IDS/ IPS, DLP, WAF, NAC, WiFi security, encryption, patch management, etc.
CISA, CISM, CISSP and/ or PMP certifications will be an advantage.
Knowledgeable in Microsoft Office and other Windows and web applications.
Attributes (functional or leadership competencies)
Meticulous and hands on.
Excellent communication and written skills.
Strong analytical and problem-solving skills.
Team player with excellent interpersonal skills and multi-tasker.
Customer-centric and proactive
#J-18808-Ljbffr

Overview
Primary Objectives of Position
Manage security operation to ensure the safe use of IT systems and assets as well as protect against cybersecurity threats.
Manage various stages of projects in conception and initiation, planning, execution, performance/ monitoring, and project closure.
Responsibilities
Establish, implement and maintain a sustainable information security framework that effectively addresses evolving and diverse cybersecurity threats.
Perform risk assessments on Information, Operational and Assistive Technologies for vulnerabilities and implement security controls to reduce identified risks to an acceptable level.
Monitor security alerts/ logs from IT systems, network and applications against baselines and gather publicly available information to identify precursors or indicators of cybersecurity attacks.
Contain and eradicate cybersecurity incident effectively to prevent recurrence and restore systems and recover normal operations as quickly as possible.
Hold lessons learned meetings to help improve security measures and incident handling process.
Publish security advisories, conduct security workshops and share lessons learned to improve users’ awareness regarding cybersecurity matters.
Perform information security audits to determine security violations and inefficiencies and recommend effective security controls.
Oversee information security investigations with internal team, funders and local authorities and/ or 3rd party providers.
Participate in various meetings and share compliance/ performance reports and audit findings to Management teams.
Undertake information security related projects.
The above activities are no means exhaustive and are subjected to amendment whenever is needed
Job Specifications
Minimum Education / Qualifications
Degree in Information systems or equivalent
Minimum Years of Relevant Experience
2 or more years’ experiences in setting up and managing information security operations.
Knowledge/Skills
Familiar with ISO27001 ISMS, NIST and/ or CIS frameworks.
Experiences in incident handling and understanding in digital forensic investigation, tools and processes.
Experiences in security protections, practices or solutions like Firewall, IDS/ IPS, DLP, WAF, NAC, WiFi security, encryption, patch management, etc.
CISA, CISM, CISSP and/ or PMP certifications will be an advantage.
Knowledgeable in Microsoft Office and other Windows and web applications.
Attributes (functional or leadership competencies)
Meticulous and hands on.
Excellent communication and written skills.
Strong analytical and problem-solving skills.
Team player with excellent interpersonal skills and multi-tasker.
Customer-centric and proactive
#J-18808-Ljbffr

• Establish a management framework for information security across Asia and Arab region.
• Develop and implement procedures for regional information security management and operation.
• Plan and execute deployment of Otsuka Group standard technology (e.g., security monitoring tools, vulnerability management tools, and phishing reports and simulation tools) in the region.

• Establish a management and advisory framework for factories and laboratories in the region.
• Design and implement security risk controls for newly established factories in the region.
• Plan, develop, and operate shared security infrastructure for subsidiaries in the region.

• Plan and execute compliance monitoring activities for global security policies, including those applicable to factories and laboratories in the region.
• Support subsidiaries in planning and executing remediation actions.

• Provide expert security advisory support to subsidiaries in the region
• Regularly or on-demand, notify subsidiaries of recent cyber security threats and vulnerabilities.

• Support or, if necessary act as the commander in responding to security incidents in the region.
• Lead and manage the OSG CSIRT (Cybersecurity Incident Response Team).

• Minimum of 5 years of professional experience in information security, risk management, or IT governance/audit.
• Bachelor's degree in computer science, information security, information technology, or a related field.
• If you do not have one of the above degrees, you should have a related professional certification to prove your expertise (e.g., CISSP, CISM, CISA, CRISC)
• Familiarity with cloud security, network security, and security infrastructure (endpoint protection, security event detection, and identity and access management).
• Familiarity with operational technology (OT) security in factories, plants, and laboratories.
• Extensive experience serving as a commander in cyberattack response.
• Knowledge of regulatory requirements (e.g., GDPR) and industry standards (e.g., NIST).

• Business-level fluency in both Japanese (JLPT N1 or equivalent) and English. These two languages are essential for daily operations and communication with our Japan headquarters as well as group companies, subsidiaries across Asia and Arab Region.

• Demonstrated ability to work effectively in multinational corporate environments, collaborating across diverse cultures and organizational structures.
• Experience in developing security programs and procedures across regional subsidiaries.

• Demonstrated ability to lead and coordinate multiple subsidiaries across Asia and Arab region.
• Multiple successful completions of security projects for subsidiaries in the region.
• Ability to manage cross-functional teams and drive change in complex environments.

• Additional language capabilities are considered an asset for regional communication and collaboration.

We are seeking a highly skilled Enterprise Information Security Manager to lead our organization's security initiatives.

• Perform an integrity gap analysis to ensure compliance with information security standards and enterprise governance policies.
• Collaborate with cross-functional teams, including development, security, and operations, to deliver projects and initiatives.

1. Managing enterprise information security activities, including risk assessments, audits, and vulnerability management.
2. Coordinating with regional teams for global security and compliance management projects.
3. Assisting in establishing project governance in the region for IT departments.

• Familiarity with various technologies, including network, security, database, and operating systems.
• Deep understanding of vulnerability assessment and remediation methodologies.
• Strong technical background and expertise in Software Development Life Cycle (SDLC).
• Ability to multitask and work independently under tight timelines and challenging environments.
• Excellent communication skills to engage with teams, management, and stakeholders.
• Program and project management expertise, capacity to lead hybrid project methodologies.
• Good understanding of local regulations in Asian markets.
• Team player with strong collaboration skills.

( Job Description )

Regional Information Security Management

• Establish a management framework for information security across Asia and Arab region.
• Develop and implement procedures for regional information security management and operation.
• Plan and execute deployment of Otsuka Group standard technology (e.g., security monitoring tools, vulnerability management tools, and phishing reports and simulation tools) in the region.

Factory and Laboratory Security in Asia and Arab Region

• Establish a management and advisory framework for factories and laboratories in the region.
• Design and implement security risk controls for newly established factories in the region.
• Plan, develop, and operate shared security infrastructure for subsidiaries in the region.

Security Compliance Monitoring for Otsuka Global Security Policies

• Plan and execute compliance monitoring activities for global security policies, including those applicable to factories and laboratories in the region.
• Support subsidiaries in planning and executing remediation actions.

Security Advisory Desk for Subsidiaries

• Provide expert security advisory support to subsidiaries in the region
• Regularly or on-demand, notify subsidiaries of recent cyber security threats and vulnerabilities.

Security Incident Responses

• Support or, if necessary act as the commander in responding to security incidents in the region.
• Lead and manage the OSG CSIRT (Cybersecurity Incident Response Team).

( Job Requirements )

(Required) Information/Cyber Security Expertise

• Minimum of 5 years of professional experience in information security, risk management, or IT governance/audit.
• Bachelor's degree in computer science, information security, information technology, or a related field.
• If you do not have one of the above degrees, you should have a related professional certification to prove your expertise (e.g., CISSP, CISM, CISA, CRISC)
• Familiarity with cloud security, network security, and security infrastructure (endpoint protection, security event detection, and identity and access management).
• Familiarity with operational technology (OT) security in factories, plants, and laboratories.
• Extensive experience serving as a commander in cyberattack response.
• Knowledge of regulatory requirements (e.g., GDPR) and industry standards (e.g., NIST).

(Required) Language Proficiency

• Business-level fluency in both Japanese (JLPT N1 or equivalent) and English. These two languages are essential for daily operations and communication with our Japan headquarters as well as group companies, subsidiaries across Asia and Arab Region.

(Preferred) Multinational Company Experience

• Demonstrated ability to work effectively in multinational corporate environments, collaborating across diverse cultures and organizational structures.
• Experience in developing security programs and procedures across regional subsidiaries.

(Preferred) Leadership and Management Experience in Asia and Arab Region

• Demonstrated ability to lead and coordinate multiple subsidiaries across Asia and Arab region.
• Multiple successful completions of security projects for subsidiaries in the region.
• Ability to manage cross-functional teams and drive change in complex environments.

(Preferred) Additional Language Proficiency

• Additional language capabilities are considered an asset for regional communication and collaboration.

( Job Description )

Regional Information Security Management

• Establish a management framework for information security across Asia and Arab region.
• Develop and implement procedures for regional information security management and operation.
• Plan and execute deployment of Otsuka Group standard technology (e.g., security monitoring tools, vulnerability management tools, and phishing reports and simulation tools) in the region.

Factory and Laboratory Security in Asia and Arab Region

• Establish a management and advisory framework for factories and laboratories in the region.
• Design and implement security risk controls for newly established factories in the region.
• Plan, develop, and operate shared security infrastructure for subsidiaries in the region.

Security Compliance Monitoring for Otsuka Global Security Policies

• Plan and execute compliance monitoring activities for global security policies, including those applicable to factories and laboratories in the region.
• Support subsidiaries in planning and executing remediation actions.

Security Advisory Desk for Subsidiaries

• Provide expert security advisory support to subsidiaries in the region
• Regularly or on-demand, notify subsidiaries of recent cyber security threats and vulnerabilities.

Security Incident Responses

• Support or, if necessary act as the commander in responding to security incidents in the region.
• Lead and manage the OSG CSIRT (Cybersecurity Incident Response Team).

( Job Requirements )

(Required) Information/Cyber Security Expertise

• Minimum of 5 years of professional experience in information security, risk management, or IT governance/audit.
• Bachelor's degree in computer science, information security, information technology, or a related field.
• If you do not have one of the above degrees, you should have a related professional certification to prove your expertise (e.g., CISSP, CISM, CISA, CRISC)
• Familiarity with cloud security, network security, and security infrastructure (endpoint protection, security event detection, and identity and access management).
• Familiarity with operational technology (OT) security in factories, plants, and laboratories.
• Extensive experience serving as a commander in cyberattack response.
• Knowledge of regulatory requirements (e.g., GDPR) and industry standards (e.g., NIST).

(Required) Language Proficiency

• Business-level fluency in both Japanese (JLPT N1 or equivalent) and English. These two languages are essential for daily operations and communication with our Japan headquarters as well as group companies, subsidiaries across Asia and Arab Region.

(Preferred) Multinational Company Experience

• Demonstrated ability to work effectively in multinational corporate environments, collaborating across diverse cultures and organizational structures.
• Experience in developing security programs and procedures across regional subsidiaries.

(Preferred) Leadership and Management Experience in Asia and Arab Region

• Demonstrated ability to lead and coordinate multiple subsidiaries across Asia and Arab region.
• Multiple successful completions of security projects for subsidiaries in the region.
• Ability to manage cross-functional teams and drive change in complex environments.

(Preferred) Additional Language Proficiency

• Additional language capabilities are considered an asset for regional communication and collaboration.