41 Security Assessment jobs in Singapore

Compliance Officer

• Roles & Responsibilities
• Identify and document instances of non-compliance, procedural gaps, or vulnerabilities in security systems.
• Prepare detailed reports for senior management, outlining audit findings, corrective actions, and overall compliance status.
• Ensure all security operations are in accordance with relevant laws, regulations, and industry standards.

• Personnel Management and Hiring
• Develop comprehensive onboarding and training programs for new and existing staff, focusing on procedural compliance and professional conduct.
• Implement a system to monitor and evaluate security personnel performance to ensure high standards.

• Operational Performance and Improvement
• Propose and lead improvements to enhance effectiveness and efficiency of security operations.
• Stay informed about new security technologies and recommend solutions that improve compliance and capabilities.

• Policy and Procedure Development
• Create, write, and update security policies, standard operating procedures, and training materials to reflect current best practices and evolving threats.
• Serve as primary point of contact for security compliance inquiries, providing clear guidance to the team and other departments.

• Stakeholder and Customer Management
• Provide assistance related to security protocols to customers and employees, ensuring all interactions are professional and service-oriented.

• Bonus

• What We Offer

eToro has created an intuitive Social Trading platform that gives traders and investors access to global stock markets, commodity trading, cryptocurrency trading, and more. We strive to make money management available and accessible to everyone (even to users with no prior experience or knowledge). We have over 33 million users worldwide, and our platform is available in over 140 countries around the world.

With over 1500 employees worldwide, We have locations in the US, Cyprus, UK, Australia, Germany, and Israel, and we are constantly growing and expanding into new markets.

We are constantly growing and are excited to share that we are looking for a Information Security Compliance Officer to join our team!

What will you be doing?

• Act as the primary local security contact / adviser for both Singapore and Australia offices.
• Work with Group IS and assist on the implementation and translation of information security policies and procedures for local offices.
• Provide an escalation path for security issues, incidents and inquiries to local offices.
• Provide regular and timely reporting on the status of cyber security to local management.
• Provide Cyber Security guidance to the local offices.
• Monitor IT/IS outsourcing arrangements and check that the KPIs/SLAs are met, else to find out the root cause and report it to local management.
• Proactively identify non compliance and areas of potential improvement to Group IS; and facilitate development and deployment of standard solutions.
• Collaborate with the Group Cyber Defense Operations and Cyber Security Engineering teams to develop a technical roadmap for local offices to meet local regulatory requirements.
• Work with Group Security Incident Response and Crisis Management teams to assist in driving incidents to acceptable resolution; and assist with investigations as needed.
• Participate in region/business unit related conferences, client facing engagement, industry forums to represent eToro’s Cyber Security program.
• Responsible for tasks assigned to you.
• Responsible to self track (including mandatory in-house Compliance/AML training/ABC) all training hours and keep training records and with the HR;
• Any other tasks as allocated by your direct line manager.

Direct message the job poster from Eames Consulting

We are seeking a Cyber Security Compliance Manager to join our client’s team and lead the development, implementation, and oversight of cyber security compliance and governance programs. The ideal candidate has a deep understanding of information security frameworks and regulations, with a proven track record of ensuring organisational compliance in fast-paced environments.

Key Responsibilities

• Develop, implement, and manage cyber security compliance programs and policies aligned with global standards and regulatory requirements.
• Lead regular risk assessments, security audits, and compliance checks across IT infrastructure and business units.
• Maintain up-to-date knowledge of relevant laws, standards, and best practices (e.g., ISO27001, NIST, GDPR, PCI-DSS, MAS TRM).
• Collaborate with technical and business teams to ensure consistent interpretation and application of security policies and controls.
• Manage internal and external audits, including preparing documentation and responding to audit findings.
• Conduct awareness and training programs for staff on security policies, data protection, and regulatory requirements.
• Advise management and stakeholders on cyber security risks, compliance gaps, and recommended mitigation strategies.
• Track and report on compliance status, risk metrics, and remediation efforts to senior leadership.

Requirements

• Bachelor’s degree in Information Security, Computer Science, IT, or related field.
• Minimum 5 years’ experience in cyber security compliance, audit, or risk management roles.
• Sound knowledge of international cybersecurity standards and regulatory frameworks (ISO27001, NIST, GDPR, PCI-DSS, MAS, etc.).
• Strong analytical, organisational, and communication skills.
• Experience interfacing with auditors and regulatory authorities.
• Professional certifications such as CISM, CISA, CISSP, or CRISC are a strong advantage.

If you are looking to join a fast-paced environment with a great culture, look no further and apply now!

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Information Services and Technology, Information and Media

Referrals increase your chances of interviewing at Eames Consulting by 2x

Get notified about new Cyber Security Specialist jobs in Singapore, Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

We are seeking a seasoned professional to lead and oversee Security Trade Control operations across the company. As an Assistant Manager, you will be responsible for managing notifications and verifications for the end-user list, including follow-ups as necessary.

">">
• Administer export control processes in SAP, such as material creation, classification, extension, and manufacturer confirmations; release export licenses after background checks and HQ approval.
">">
• Work with the HQ Legal Export Control team to approve transactions involving specific countries or military-related organizations.
">">
• Provide training and distribute relevant security trade control information to employees, particularly sales teams, to ensure compliance.
">">

You will also lead, manage, and coordinate legal matters, including contract management, dispute resolution, and compliance with anti-trust, anti-bribery regulations.

">">
• Oversee contract management, including reviewing NDAs, agreements, and other contracts.
">">
• Handle legal disputes and resolution processes.
">">
• Ensure compliance with Personal Data Protection regulations (PDPA) by conducting regular impact assessments to identify and mitigate risks.
">">
• Conduct legal audits and manage internal legal policies.
">">

This is an exciting opportunity to work in a fast-paced environment and make a significant impact on the company's success. If you have a strong background in security trade control and legal affairs, we encourage you to apply.

Job Title: IT Security Compliance Specialist

We are seeking an experienced IT security compliance specialist to join our team. As a key member of our organization, you will be responsible for ensuring the security and integrity of our systems and data.

• Overall system administration with a focus on security and compliance.
• Ability to administer M365, domains, GPOs, file permission hierarchies, events, PowerShell, and achieve secured setup. MSSQL knowledge is commendable.
• Open to lead or carry out security implementations, investigations, incidents, documentations.
• Conduct periodical assessments of cybersecurity risks for onshore and offshore, ensuring compliance checks.
• Prepare cybersecurity information and awareness training topics.
• Opportunity to administer networks in a non-Cisco environment.
• Foster team collaboration with L1 teams on day-to-day requirements.
• Assist with other related administrative duties.

Requirements:

• At least 3+ years of system administration experience with foresight in cybersecurity areas.
• Preferrable with MCSA/MCSE, Windows Server Hybrid Administrator Associate, CCNA, or equivalent certifications.
• Good to have CISSP, Security+, or past relevant security implementation work or documentation.
• Familiarity with IMO guidelines, ISO27001, ISO9000 is commendable.
• Full independence and ability to respond effectively on security incidents and escalations.
• A hands-on person with excellent problem-solving, analytical abilities.
• Excellent tech savviness, always motivated, and continuous forward-learning mentality.

• Microsoft 365
• MSSQL
• Network Administration
• CCNA
• Cybersecurity
• Powershell
• Security Policy
• ISO 27001
• Microsoft SQL
• MCSA Security
• User Management
• Windows Server
• System Administration
• Windows PowerShell
• MSSQL Server
• ISO 9000
• Able To Work Independently
• CISSP

Who are we?

Established in 2004, AGES is a comprehensive solutions provider for various cyber and IT applications. The company has garnered substantial market recognition and is accredited as a Qualified Security Assessor (QSA) organization. AGES offers independent security audits, assessments, and compliance validation services.

AGES acknowledges the heightened potential security threats stemming from business dependencies on technologies, particularly in payment and mobile security controls, where market conditions and requirements vary significantly. AGES endeavours to play a pivotal role in the market by addressing such security threats, particularly in establishing a more secure platform for these industries.

As a pioneer in cryptography, cyber security, and related payment environments, AGES has garnered substantial market recognition and is recognized by numerous prominent organizations. AGES brings together industry experts in cyber and IT, including specialists in cyber technologies, cryptography, payment systems security, IT security, systems development, project management, and business development.

AGES has also garnered relevant in-depth experience with significant organizations such as Payment Card Industry (PCI) Security Standards Council (SSC), MasterCard International (MCI), VISA, American Express (AMEX), JCB, Diners/Discover, NPCI – RuPAY, and UnionPay International (China UnionPay – UPI), enable AGES to effectively reach out to diverse clientele across global markets.

Organizations engaged in physical and logical security activities related to the production and provisioning of payment cards for various brands must adhere to the PCI Card Production and Provisioning (CP) requirements. AGES is a market leader in PCI CP security assessments that encompass physical and logical security, cybersecurity, information security, network and data security, and cryptographic key management. AGES has developed into a critical source of security and certification support for numerous card plants.

AGES is committed to integrating sustainability and scaling its ESG initiatives into its core business operations to facilitate the transition towards a cleaner and more sustainable future for society. We envision significant growth in its security audit programs to position itself among the global top audit providers for these programs.

Job Description:

• We are looking for competent individuals to join our team, to conduct security assessments and vulnerability testing relating to the payment and IT security industry. Weekly traveling is required during peak season.
• To evaluate technologies against cybersecurity standards and stay current on IT security regulations and standards (eg: PCI CPSA, PCI DSS, PCI 3DS)
• Undergo company bond-sponsorship for industrial professional certifications, courses, examinations and overseas on-the-job trainings.
• This is an ideal role for a highly organised individual who has a good command of language, possess excellent interpersonal skill, good writing skills and holds a keen interest in IT to join our expert IT auditing and security

Your Key Responsibilities:

1. Support in cyber security / audit team in compliance assessment, assessment reporting, vulnerabilities scans and network penetration tests for local and overseas customers (if required), enhancement of in-house penetration test system - PAYGE, system security testing and quality assurance activities.
2. Network penetration testing follows the NIST Special Publication 800-115 using tools not limiting to Metasploit, Wireshark, Nessus, Nikto, Nicat, John the Ripper, AppScan, Greenbone, and Netcraft.
3. Configuration of VM image for VM Box used for vulnerability scans and network penetration tests. VM image may deploy Kali Linux.
4. Clients in scope cover but not limited to organisations certified under the Payment Card Industry (PCI) Card Production (CP), and PCI Data Security Scheme (DSS) programs.
5. Document work papers, report preparation and quality assurance, and attend in house training sessions (if any).
6. Any other ad-hoc tasks and job rotation as assigned by your reporting officer.

Requirements:

• Degree in Computing or equivalent with minimum 1 to 10 years of IT working experience;
• Able to travel weekly for short trips;
• Ability to speak and write to our Taiwanese speaking clients.
• Certified CISA and CISM/CISSP preferred.

Why join our team?

AGES has a friendly working environment with a highly motivated and hard-working team. This role should appeal if you enjoy verifying information, has an inquisitive mind, is an effective communicator and enjoy challenging yourselves to make a positive impact to our clients and our peoples.

The IT security and audit industry is fast-paced and busy, so we are looking for colleagues who have a positive and results focused attitude. You should also like traveling worldwide for work related projects too.

This breadth and depth of experience, combined with technical and communication skills in the payment security assessment domain, makes you a valuable asset to any organisation , opening up opportunities in areas such as IT Risk Management, IT Compliance, Technology Operations, and Cyber Information Security.

To find out more about us

The IT Internal Auditor role plays a pivotal part in ensuring the integrity, confidentiality, and availability of an organization's data by evaluating its IT systems, controls, and processes.

• Lead and execute comprehensive IT audit engagements across various domains including network infrastructure, cloud computing, data governance, cybersecurity, and application systems.
• Identify potential risks and provide actionable recommendations to enhance control environments.
• Perform advanced data analytics to support audit objectives, interpreting complex data structures and business processes.
• Independently manage audit assignments with minimal supervision.
• Collaborate effectively with stakeholders to ensure clear communication of audit results.

• A minimum of 5 years of experience in IT audit, IT risk, or cybersecurity is essential.
• Proficiency in IT general control (ITGC) and IT application control (ITAC) is required.
• Knowledge of IT standards, frameworks, and regulations such as NIST, ISO 27001, Data Privacy, and COBIT is necessary.
• A degree in computer science, computer engineering, or information security is mandatory.
• Experience working with large internet companies or online business models is advantageous.
• Excellent communication skills, both written and verbal, are necessary for effective collaboration and stakeholder engagement.
• Experience with data analytics and relevant technology tools is desirable.
• Certifications in CISA or CISSP are compulsory.
• Familiarity with Mandarin language is beneficial for communication with Chinese partners.

• Evaluate the design and effectiveness of internal controls through thorough walkthroughs and testing.
• Lead remediation efforts for deficiencies identified in control design and operating effectiveness.
• Develop strategies to validate high-priority IT systems for business processes/sub-processes.
• Create detailed documentation for control designs, process narratives, and flowcharts.
• Establish strong relationships with stakeholders, facilitate discussions, and monitor progress.
• Identify potential risks and ensure insights are captured and managed.
• Supervise third-party audit resources where applicable.
• Report activity status and results to Management.

• Bachelor's Degree in Computer Engineering/Computer Science or related studies
• Minimum 4 consecutive years of IT audit working experience
• Knowledge of COBIT or ISO27001 or ITIL or MAS Technology Risk Management Guidelines or similar standards
• Experience in performing IT applications and general controls review, and cybersecurity review
• Able to work independently, possess good communication skills, and demonstrate good work ethics
• Experience in data analytics and usage of related technology tools in financial and insurance sectors has added advantage
• Professional qualifications (e.g. CISA, CISSP) are highly preferred

This role offers opportunities for professional growth and development. The successful candidate will be part of a dynamic team that values collaboration and expertise sharing.

The organization operates with a commitment to integrity and transparency. We promote a culture that fosters innovation, creativity, and continuous learning.

• Conduct comprehensive penetration tests on applications, databases, systems and networks to identify security vulnerabilities, and prepare a detail report on the findings.
• Propose measures to ensure that identified vulnerabilities are addressed.
• Work closely with IT, risk, and compliance teams to track remediation efforts and verify closure.
• Simulate cyber attacks to evaluate defensive measures and improve security posture.

• Minimum 5 years of hands-on penetration testing experience for web applications, mobile applications, APIs, network, databases and load testing.
• Experience conducting secure code review.
• Degree in computer science/computer engineering/information security or equivalent.
• Working knowledge of all aspects of information security is essential.
• Familiarity with systems and operational architecture of large internet companies or online business models.
• Good communication (spoken and written) skills, able to work independently and as a team.
• Certifications from either GIAC/Offensive Security/CREST required.
• Hands on experience in Kali Linux, Burp, and other advanced penetration testing, and secure code review tools.
• Good to have: Basic Mandarin skills for simple verbal and written communication with Chinese partners.

• 对应用程序,数据库,系统和网络进行全面的渗透测试,以识别安全漏洞,并撰写详细的调查报告。
• 提出措施,确保已识别的漏洞得到解决。
• 与IT,风险和合规团队紧密合作,跟踪修复工作并验证漏洞已关闭。
• 模拟网络攻击,评估防御措施并提升安全态势。

• 至少5年Web应用程序,移动应用程序,API,网络,数据库和负载测试的渗透测试经。
• 具备安全代码审查经验。
• 计算机科学/计算机工程/信息安全或同等学历。
• 具备信息安全各方面的工作知识。
• 熟悉大型互联网公司或在线商业模式的系统和运营架构。
• 良好的沟通能力,能够独立工作和团队合作。
• 需持有GIAC/Offensive Security/CREST认证。
• 具有 Kali Linux,Burp 和其他高级渗透测试及安全代码审查工具的实践经验。
• 加分项:具备基础中文能力,能够进行简单的口头和书面沟通。