41 Security Assessment jobs in Singapore

Compliance Officer

• Roles & Responsibilities
• Identify and document instances of non-compliance, procedural gaps, or vulnerabilities in security systems.
• Prepare detailed reports for senior management, outlining audit findings, corrective actions, and overall compliance status.
• Ensure all security operations are in accordance with relevant laws, regulations, and industry standards.

• Personnel Management and Hiring
• Develop comprehensive onboarding and training programs for new and existing staff, focusing on procedural compliance and professional conduct.
• Implement a system to monitor and evaluate security personnel performance to ensure high standards.

• Operational Performance and Improvement
• Propose and lead improvements to enhance effectiveness and efficiency of security operations.
• Stay informed about new security technologies and recommend solutions that improve compliance and capabilities.

• Policy and Procedure Development
• Create, write, and update security policies, standard operating procedures, and training materials to reflect current best practices and evolving threats.
• Serve as primary point of contact for security compliance inquiries, providing clear guidance to the team and other departments.

• Stakeholder and Customer Management
• Provide assistance related to security protocols to customers and employees, ensuring all interactions are professional and service-oriented.

• Bonus

• What We Offer

eToro has created an intuitive Social Trading platform that gives traders and investors access to global stock markets, commodity trading, cryptocurrency trading, and more. We strive to make money management available and accessible to everyone (even to users with no prior experience or knowledge). We have over 33 million users worldwide, and our platform is available in over 140 countries around the world.

With over 1500 employees worldwide, We have locations in the US, Cyprus, UK, Australia, Germany, and Israel, and we are constantly growing and expanding into new markets.

We are constantly growing and are excited to share that we are looking for a Information Security Compliance Officer to join our team!

What will you be doing?

• Act as the primary local security contact / adviser for both Singapore and Australia offices.
• Work with Group IS and assist on the implementation and translation of information security policies and procedures for local offices.
• Provide an escalation path for security issues, incidents and inquiries to local offices.
• Provide regular and timely reporting on the status of cyber security to local management.
• Provide Cyber Security guidance to the local offices.
• Monitor IT/IS outsourcing arrangements and check that the KPIs/SLAs are met, else to find out the root cause and report it to local management.
• Proactively identify non compliance and areas of potential improvement to Group IS; and facilitate development and deployment of standard solutions.
• Collaborate with the Group Cyber Defense Operations and Cyber Security Engineering teams to develop a technical roadmap for local offices to meet local regulatory requirements.
• Work with Group Security Incident Response and Crisis Management teams to assist in driving incidents to acceptable resolution; and assist with investigations as needed.
• Participate in region/business unit related conferences, client facing engagement, industry forums to represent eToro’s Cyber Security program.
• Responsible for tasks assigned to you.
• Responsible to self track (including mandatory in-house Compliance/AML training/ABC) all training hours and keep training records and with the HR;
• Any other tasks as allocated by your direct line manager.

Direct message the job poster from Eames Consulting

We are seeking a Cyber Security Compliance Manager to join our client’s team and lead the development, implementation, and oversight of cyber security compliance and governance programs. The ideal candidate has a deep understanding of information security frameworks and regulations, with a proven track record of ensuring organisational compliance in fast-paced environments.

Key Responsibilities

• Develop, implement, and manage cyber security compliance programs and policies aligned with global standards and regulatory requirements.
• Lead regular risk assessments, security audits, and compliance checks across IT infrastructure and business units.
• Maintain up-to-date knowledge of relevant laws, standards, and best practices (e.g., ISO27001, NIST, GDPR, PCI-DSS, MAS TRM).
• Collaborate with technical and business teams to ensure consistent interpretation and application of security policies and controls.
• Manage internal and external audits, including preparing documentation and responding to audit findings.
• Conduct awareness and training programs for staff on security policies, data protection, and regulatory requirements.
• Advise management and stakeholders on cyber security risks, compliance gaps, and recommended mitigation strategies.
• Track and report on compliance status, risk metrics, and remediation efforts to senior leadership.

Requirements

• Bachelor’s degree in Information Security, Computer Science, IT, or related field.
• Minimum 5 years’ experience in cyber security compliance, audit, or risk management roles.
• Sound knowledge of international cybersecurity standards and regulatory frameworks (ISO27001, NIST, GDPR, PCI-DSS, MAS, etc.).
• Strong analytical, organisational, and communication skills.
• Experience interfacing with auditors and regulatory authorities.
• Professional certifications such as CISM, CISA, CISSP, or CRISC are a strong advantage.

If you are looking to join a fast-paced environment with a great culture, look no further and apply now!

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Information Services and Technology, Information and Media

Referrals increase your chances of interviewing at Eames Consulting by 2x

Get notified about new Cyber Security Specialist jobs in Singapore, Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

eToro has created an intuitive Social Trading platform that gives traders and investors access to global stock markets, commodity trading, cryptocurrency trading, and more. We strive to make money management available and accessible to everyone (even to users with no prior experience or knowledge). We have over 33 million users worldwide, and our platform is available in over 140 countries around the world.

With over 1500 employees worldwide, We have locations in the US, Cyprus, UK, Australia, Germany, and Israel, and we are constantly growing and expanding into new markets.

We are constantly growing and are excited to share that we are looking for a Information Security Compliance Officer to join our team!

What will you be doing?

• Act as the primary local security contact / adviser for both Singapore and Australia offices.
• Work with Group IS and assist on the implementation and translation of information security policies and procedures for local offices.
• Provide an escalation path for security issues, incidents and inquiries to local offices.
• Provide regular and timely reporting on the status of cyber security to local management.
• Provide Cyber Security guidance to the local offices.
• Monitor IT/IS outsourcing arrangements and check that the KPIs/SLAs are met, else to find out the root cause and report it to local management.
• Proactively identify non compliance and areas of potential improvement to Group IS; and facilitate development and deployment of standard solutions.
• Collaborate with the Group Cyber Defense Operations and Cyber Security Engineering teams to develop a technical roadmap for local offices to meet local regulatory requirements.
• Work with Group Security Incident Response and Crisis Management teams to assist in driving incidents to acceptable resolution; and assist with investigations as needed.
• Participate in region/business unit related conferences, client facing engagement, industry forums to represent eToro’s Cyber Security program.
• Responsible for tasks assigned to you.
• Responsible to self track (including mandatory in-house Compliance/AML training/ABC) all training hours and keep training records and with the HR;
• Any other tasks as allocated by your direct line manager.

Direct message the job poster from Eames Consulting

I help organisations attract Cyber Security, Technology Risk & Audit talents to improve their risk & security posture

We are seeking a Cyber Security Compliance Manager to join our client’s team and lead the development, implementation, and oversight of cyber security compliance and governance programs. The ideal candidate has a deep understanding of information security frameworks and regulations, with a proven track record of ensuring organisational compliance in fast-paced environments.

Key Responsibilities

• Develop, implement, and manage cyber security compliance programs and policies aligned with global standards and regulatory requirements.
• Lead regular risk assessments, security audits, and compliance checks across IT infrastructure and business units.
• Maintain up-to-date knowledge of relevant laws, standards, and best practices (e.g., ISO27001, NIST, GDPR, PCI-DSS, MAS TRM).
• Collaborate with technical and business teams to ensure consistent interpretation and application of security policies and controls.
• Manage internal and external audits, including preparing documentation and responding to audit findings.
• Conduct awareness and training programs for staff on security policies, data protection, and regulatory requirements.
• Advise management and stakeholders on cyber security risks, compliance gaps, and recommended mitigation strategies.
• Track and report on compliance status, risk metrics, and remediation efforts to senior leadership.

Requirements

• Bachelor’s degree in Information Security, Computer Science, IT, or related field.
• Minimum 5 years’ experience in cyber security compliance, audit, or risk management roles.
• Sound knowledge of international cybersecurity standards and regulatory frameworks (ISO27001, NIST, GDPR, PCI-DSS, MAS, etc.).
• Strong analytical, organisational, and communication skills.
• Experience interfacing with auditors and regulatory authorities.
• Professional certifications such as CISM, CISA, CISSP, or CRISC are a strong advantage.

If you are looking to join a fast-paced environment with a great culture, look no further and apply now!

Seniority level

• Seniority level

  Mid-Senior level

Employment type

• Employment type

  Full-time

Job function

• Job function

  Information Technology

• Industries

  Information Services and Technology, Information and Media

Referrals increase your chances of interviewing at Eames Consulting by 2x

Get notified about new Cyber Security Specialist jobs in Singapore, Singapore .

Assistant Director/Senior Manager (Cybersecurity Oversight)

Chief Information Security Officer - Fintech

VP, Cyber Security Program Manager, COO's Office

Regional Manager, Business Security & Governance

Deputy Manager (IT Cyber Security) - Contract

Manager Roles in Cyber Security Fusion Center (Express of Interest)

Cyber Security Operations (CSO) - Asia Cluster Governance Lead

VP, AI Security Risk Manager, COO's Office

IT Risk, Compliance and Security Manager

Cybersecurity Manager (Network Infrastructure)

AVP/VP (12 months contract), Cybersecurity (Governance Oversight)

Deputy Director (Security Engineering), Cybersecurity Engineering Centre

Assistant Manager / Manager, Cybersecurity Resilience Governance Preparedness

Global Information Security, Risk and Governance Manager

Director, APAC Solutions Consulting (Cybersecurity)

(Senior/Executive) Manager, Resilience and Cybersecurity Planning

Vice President, Global Cybersecurity Awareness and Training

Manager/Senior Manager (Sector Lead Office), Regulations Division

Client Information Security Lead/Senior Manager (Infra Enterprise)

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Job Title: IT Security Compliance Specialist

We are seeking an experienced IT security compliance specialist to join our team. As a key member of our organization, you will be responsible for ensuring the security and integrity of our systems and data.

• Overall system administration with a focus on security and compliance.
• Ability to administer M365, domains, GPOs, file permission hierarchies, events, PowerShell, and achieve secured setup. MSSQL knowledge is commendable.
• Open to lead or carry out security implementations, investigations, incidents, documentations.
• Conduct periodical assessments of cybersecurity risks for onshore and offshore, ensuring compliance checks.
• Prepare cybersecurity information and awareness training topics.
• Opportunity to administer networks in a non-Cisco environment.
• Foster team collaboration with L1 teams on day-to-day requirements.
• Assist with other related administrative duties.

Requirements:

• At least 3+ years of system administration experience with foresight in cybersecurity areas.
• Preferrable with MCSA/MCSE, Windows Server Hybrid Administrator Associate, CCNA, or equivalent certifications.
• Good to have CISSP, Security+, or past relevant security implementation work or documentation.
• Familiarity with IMO guidelines, ISO27001, ISO9000 is commendable.
• Full independence and ability to respond effectively on security incidents and escalations.
• A hands-on person with excellent problem-solving, analytical abilities.
• Excellent tech savviness, always motivated, and continuous forward-learning mentality.

• Microsoft 365
• MSSQL
• Network Administration
• CCNA
• Cybersecurity
• Powershell
• Security Policy
• ISO 27001
• Microsoft SQL
• MCSA Security
• User Management
• Windows Server
• System Administration
• Windows PowerShell
• MSSQL Server
• ISO 9000
• Able To Work Independently
• CISSP

Who are we?

Established in 2004, AGES is a comprehensive solutions provider for various cyber and IT applications. The company has garnered substantial market recognition and is accredited as a Qualified Security Assessor (QSA) organization. AGES offers independent security audits, assessments, and compliance validation services.

AGES acknowledges the heightened potential security threats stemming from business dependencies on technologies, particularly in payment and mobile security controls, where market conditions and requirements vary significantly. AGES endeavours to play a pivotal role in the market by addressing such security threats, particularly in establishing a more secure platform for these industries.

As a pioneer in cryptography, cyber security, and related payment environments, AGES has garnered substantial market recognition and is recognized by numerous prominent organizations. AGES brings together industry experts in cyber and IT, including specialists in cyber technologies, cryptography, payment systems security, IT security, systems development, project management, and business development.

AGES has also garnered relevant in-depth experience with significant organizations such as Payment Card Industry (PCI) Security Standards Council (SSC), MasterCard International (MCI), VISA, American Express (AMEX), JCB, Diners/Discover, NPCI – RuPAY, and UnionPay International (China UnionPay – UPI), enable AGES to effectively reach out to diverse clientele across global markets.

Organizations engaged in physical and logical security activities related to the production and provisioning of payment cards for various brands must adhere to the PCI Card Production and Provisioning (CP) requirements. AGES is a market leader in PCI CP security assessments that encompass physical and logical security, cybersecurity, information security, network and data security, and cryptographic key management. AGES has developed into a critical source of security and certification support for numerous card plants.

AGES is committed to integrating sustainability and scaling its ESG initiatives into its core business operations to facilitate the transition towards a cleaner and more sustainable future for society. We envision significant growth in its security audit programs to position itself among the global top audit providers for these programs.

Job Description:

• We are looking for competent individuals to join our team, to conduct security assessments and vulnerability testing relating to the payment and IT security industry. Weekly traveling is required during peak season.
• To evaluate technologies against cybersecurity standards and stay current on IT security regulations and standards (eg: PCI CPSA, PCI DSS, PCI 3DS)
• Undergo company bond-sponsorship for industrial professional certifications, courses, examinations and overseas on-the-job trainings.
• This is an ideal role for a highly organised individual who has a good command of language, possess excellent interpersonal skill, good writing skills and holds a keen interest in IT to join our expert IT auditing and security

Your Key Responsibilities:

1. Support in cyber security / audit team in compliance assessment, assessment reporting, vulnerabilities scans and network penetration tests for local and overseas customers (if required), enhancement of in-house penetration test system - PAYGE, system security testing and quality assurance activities.
2. Network penetration testing follows the NIST Special Publication 800-115 using tools not limiting to Metasploit, Wireshark, Nessus, Nikto, Nicat, John the Ripper, AppScan, Greenbone, and Netcraft.
3. Configuration of VM image for VM Box used for vulnerability scans and network penetration tests. VM image may deploy Kali Linux.
4. Clients in scope cover but not limited to organisations certified under the Payment Card Industry (PCI) Card Production (CP), and PCI Data Security Scheme (DSS) programs.
5. Document work papers, report preparation and quality assurance, and attend in house training sessions (if any).
6. Any other ad-hoc tasks and job rotation as assigned by your reporting officer.

Requirements:

• Degree in Computing or equivalent with minimum 1 to 10 years of IT working experience;
• Able to travel weekly for short trips;
• Ability to speak and write to our Taiwanese speaking clients.
• Certified CISA and CISM/CISSP preferred.

Why join our team?

AGES has a friendly working environment with a highly motivated and hard-working team. This role should appeal if you enjoy verifying information, has an inquisitive mind, is an effective communicator and enjoy challenging yourselves to make a positive impact to our clients and our peoples.

The IT security and audit industry is fast-paced and busy, so we are looking for colleagues who have a positive and results focused attitude. You should also like traveling worldwide for work related projects too.

This breadth and depth of experience, combined with technical and communication skills in the payment security assessment domain, makes you a valuable asset to any organisation , opening up opportunities in areas such as IT Risk Management, IT Compliance, Technology Operations, and Cyber Information Security.

To find out more about us

About the Role

As a Penetration Testing Specialist, reporting to the Internal Audit function, you will play a critical role in evaluating the organization's cybersecurity posture by simulating real-world attacks and identifying vulnerabilities across systems, applications, and networks. Your work directly supports audit objectives by validating the effectiveness of security controls, ensuring regulatory compliance, and mitigating operational risks.

Key Responsibility

• Conduct comprehensive penetration tests on applications, databases, systems and networks to identify security vulnerabilities, and prepare a detail report on the findings.
• Propose measures to ensure that identified vulnerabilities are addressed.
• Work closely with IT, risk, and compliance teams to track remediation efforts and verify closure.
• Simulate cyber attacks to evaluate defensive measures and improve security posture.

Requirements

• Minimum 5 years of hands-on penetration testing experience for web applications, mobile applications, APIs, network, databases and load testing.
• Experience conducting secure code review.
• Degree in computer science/computer engineering/information security or equivalent.
• Working knowledge of all aspects of information security is essential.
• Familiarity with systems and operational architecture of large internet companies or online business models.
• Good communication (spoken and written) skills, able to work independently and as a team.
• Certifications from either GIAC/Offensive Security/CREST required.
• Hands on experience in Kali Linux, Burp, and other advanced penetration testing, and secure code review tools.
• Good to have: Basic Mandarin skills for simple verbal and written communication with Chinese partners.

渗透测试专家

关于职位

作为一名向内部审计部门汇报的渗透测试专家,您将在评估组织的网络安全态势方面发挥关键作用,通过模拟真实攻击并识别系统、应用程序和网络中的漏洞。您的工作将通过验证安全控制措施的有效性、确保合规性并降低运营风险,直接支持审计目标。

主要职责

• 对应用程序、数据库、系统和网络进行全面的渗透测试,以识别安全漏洞,并撰写详细的调查报告。
• 提出措施,确保已识别的漏洞得到解决。
• 与IT、风险和合规团队紧密合作,跟踪修复工作并验证漏洞已关闭。
• 模拟网络攻击,评估防御措施并提升安全态势。

职位要求

• 至少5年Web应用程序、移动应用程序、API、网络、数据库和负载测试的渗透测试经。
• 具备安全代码审查经验。
• 计算机科学/计算机工程/信息安全或同等学历。
• 具备信息安全各方面的工作知识。
• 熟悉大型互联网公司或在线商业模式的系统和运营架构。
• 良好的沟通能力,能够独立工作和团队合作。
• 需持有GIAC/Offensive Security/CREST认证。
• 具有 Kali Linux、Burp 和其他高级渗透测试及安全代码审查工具的实践经验。
• 加分项:具备基础中文能力,能够进行简单的口头和书面沟通。

We are seeking a highly skilled and experienced penetration testing Consultant. In this role, you will be responsible for executing technical security assessments.

· Perform technical security assessment engagements for clients including penetration testing, host configuration reviews, secure code reviews, etc

· Contribute to the development and enhancement of assessment methodologies

· Participate in the development of new services

· Bachelor's degree in computer science, cybersecurity, or related field

· Professional certifications: OSCP, CRT

· 3+ years of experience in penetration testing or a related field

· Knowledge of penetration testing methodologies, tools and frameworks

· Experience with network (wired and wireless) and application (web, mobile, thick) security testing

· Credited with CVEs

· Participates in bug bounty programs

· Organizes or participates in CTFs

· Delivers technical research at security conferences