154 Security Best Practices jobs in Singapore

Overview

At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at

If you love the business side of information security this is the place to be. Within the CISO pillar we work closely with member firm stakeholders to understand their business model and roadmap for technology. In turn the CISO pillar outlines the roadmap for NIS and drives engagement and adoption of central security services in line with the PwC Cyber Readiness program. Our mission is to identify, control, and reduce the attack surface across the network of member firms while increasing our adversaries’ cost of attack. Network Information Security team is redefining cyber security on a global scale at PwC. Our mission protects 223,000 PwC members across 157 member firms worldwide, as well as our global clients. If you are seeking an exciting career with the scope to grow your information and cyber security skills, then NIS will empower you to do so.

Responsibilities

• Project Support: Assist in the planning, execution, and monitoring of projects.
• Project Support: Utilise strong critical thinking and problem solving skills day to day.
• Project Support: Collaborate with team members to ensure project deliverables are met on time and within scope.
• Project Support: Prepare and maintain project documentation, including reports, presentations, and meeting minutes.
• Project Support: Quickly adapt to changing priorities and project requirements.
• Project Support: Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment.
• Project Support: Proactively identify and address potential issues or roadblocks to ensure smooth project execution.
• Project Support: Work with other NIS teams both locally, regionally and globally to deliver the security needs specific to the firm.

• Compliance and Vulnerability Management: Support work in vulnerability management and compliance activities
• Compliance and Vulnerability Management: Handles BAU activities such as managing security exceptions
• Compliance and Vulnerability Management: Help the business comply with the Information Security Policy by leveraging your cyber security knowledge and expertise.
• Compliance and Vulnerability Management: Collaborate with PwC IT and global team to align security process and tools.

• Application Security: Guide and support the business team to complete all required security reviews
• Application Security: Build knowledge on application security to effectively support security assessments
• Application Security: Align with different global and local teams to identify and fix gaps or risk found.

• Other: Help with daily security incident handling
• Other: Help to manage junior staff, for example interns

Education and Experience

• Interest in Information Security
• Bachelor’s or master’s degree (technical degree) or equivalent Industry certification

Candidate Specifications

• Desired Certifications: Certifications aren’t prerequisites however are well regarded
• Education Level: Undergraduate Degree (e.g. BIT, BSc) STEM or equivalent work experience: 2 - 4 years’ of progressive professional roles involving information security, computer science and/or other technical background

Skills

• Required Skills: Application Security, Application Security Assessments, Web Application Security Testing, and related cybersecurity controls and standards
• Optional Skills: Accepting Feedback, Active Listening, IT Infrastructure, Data Privacy Act, Information Security Governance

Travel & Employment Details

Travel Requirements: 0%

Available for Work Visa Sponsorship? No

Government Clearance Required? No

Seniority level

• Entry level

Employment type

• Full-time

Job function

• Information Technology

Industries

• Accounting

#J-18808-Ljbffr

Overview

BIPO: Shaping the Future of HR with Innovation and Global Reach

At BIPO, we are a global leader in HR services, offering innovative solutions that empower businesses to streamline and scale their operations effortlessly. Our award-winning cloud-based Human Resource Management System (HRMS) revolutionizes HR processes, making them simpler, more efficient, and cost-effective. By staying at the forefront of digital transformation, we help companies remain agile in a rapidly changing world.

Our comprehensive suite of services—including Payroll Outsourcing, Attendance Automation, HR Consulting, Recruitment & Business Process Outsourcing, and Flexible Employee Management—are designed to modernize HR functions, allowing businesses to focus on growth while we manage their HR complexities.

Why Join BIPO?

What sets BIPO apart is our dynamic, fast-paced culture where innovation thrives. We foster a work environment that values collaboration, creativity, and adaptability. Joining BIPO means being part of a global team thats passionate about pushing boundaries and shaping the future of HR. Our diverse workforce spans over 40 countries, and our APAC headquarters in Singapore, along with R&D centers in Singapore, Shanghai, Indonesia, and Malaysia, serve as the driving force behind our growth and innovation.

Since our founding in 2004, BIPO has cultivated a vast global network, delivering cutting-edge HR solutions across more than 40 countries. As we continue to grow and innovate, we’re seeking talented, ambitious individuals to join us on this exciting journey. At BIPO, you’ll have the opportunity to make a real impact, work with forward-thinking professionals, and help shape the future of HR. The possibilities are limitless—discover how you can grow with BIPO and be part of our global success story!

Responsibilities

• Lead compliance audit activities (SOC, ISO 27001) for BIPO Singapore, Hong Kong, and China


• Lead internal audit activities, IT security compliance projects/activities


• Lead staff information security awareness training, phishing campaigns


• Lead incident response to security and data breach incidents and cyber security incident response exercises


• Formulation, review, and update of information security-related company policies


• Support the business team in responding to customer's questionnaires and RFP, for IT security area.


• Manage security of IT systems, review of security logs, reporting IT systems security posture


• Lead IT security/compliance projects and operations, work with IT Infra Manager and IT infra team (e.g. annual penetration testing by external vendor)


• Formulating security checklists/guidelines for BIPO products and servers.


• Performs other duties as assigned related to information security/compliance.

Skills And Experience We Value

• Bachelor's degree in Information Technology or equivalent field of study


• Experienced in all or most of these: ISO 27001 implementation and/or maintenance, information security audit, security incident response, leading cyber security tabletop exercise, IT security policies, endpoint security, vulnerability scans/management, attack surface management, third-party risk management, SIEM, data loss prevention, managing security baselines for servers and endpoints, user security awareness training, penetration testing coordination with external vendor. Experience in cloud computing and Microsoft Azure AD/Office 365 security advantageous.


• Background in IT operations advantageous (e.g., server administration, network/system security, disaster recovery, system high availability, backup operations, system monitoring, storage administration, change management, patch management).


• Strong English writing skills, effective communication skills in business environment in Chinese and English.


• Good project management skills, problem-solving skills, and documentation skills.


• Responsible, resourceful, result oriented.


• Able to respond to critical security alerts and be contactable for urgent issues outside office hours.


• Professional certifications in information security/IT internal audit advantageous.


• Strong command of the Chinese language is required to effectively communicate with Mandarin-speaking stakeholders.

Seniority level

• Executive

Employment type

• Full-time

Job function

• Information Technology, Consulting, and Accounting/Auditing

Industries

• Human Resources Services

#J-18808-Ljbffr

**Line of Service**Internal Firm Services**Industry/Sector**Not Applicable**Specialism**IFS - Risk & Quality (R&Q)**Management Level**Associate**Job Description & Summary**At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at If you love the business side of information security this is the place to be. Within the CISO pillar we work closely with member firm stakeholders to understand their business model and roadmap for technology. In turn the CISO pillar outlines the roadmap for NIS and drives engagement and adoption of central security services in line with the PwC Cyber Readiness program. Our mission is to identify, control, and reduce the attack surface across the network of member firms while increasing our adversaries’ cost of attack. Network Information Security team is redefining cyber security on a global scale at PwC. Our mission protects 223,000 PwC members across 157 member firms worldwide, as well as our global clients. If you are seeking an exciting career with the scope to grow your information and cyber security skills, then NIS will empower you to do so.**Roles & Responsibilities**:**Project Support:*** Assist in the planning, execution, and monitoring of projects.* Utilise strong critical thinking and problem solving skills day to day* Collaborate with team members to ensure project deliverables are met on time and within scope.* Prepare and maintain project documentation, including reports, presentations, and meeting minutes.* Quickly adapt to changing priorities and project requirements.* Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment.* Proactively identify and address potential issues or roadblocks to ensure smooth project execution.* Work with other NIS teams both locally, regionally and globally to deliver the security needs specific to the firm.**Compliance and Vulnerability Management:*** Support work in vulnerability management and compliance activities* Handles BAU activities such as managing security exceptions* Help the business comply with the Information Security Policy by leveraging your cyber security knowledge and expertise.* Collaborate with PwC IT and global team to align security process and tools.**Application Security:*** Guide and support the business team to complete all required security reviews* Build knowledge on application security to effectively support security assessments* Align with different global and local teams to identify and fix gaps or risk found.**Other*** Help with daily security incident handling* Help to manage junior staff, eg. internsAn effective CISO pillar candidate will also possess the following **skills/ Requirements*** Able to work in a fast-paced environment, can upskill quickly and learn proactively* Analytical: Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.* Technical: Broad understanding of security technology.* Business: High level understanding of PwC’s business model, service offerings, and business operating environment as it pertains to the firm’s threat landscape. Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.* Individuals selected for this role are expected to have both extensive knowledge and managerial know-how related to the following aspects: Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment* Understanding of technical and non-technical information security risks.* Have skills to analyse data and visualise data (good to have knowledge of Excel, PowerPoint etc.)* Good written and effective communicator to deal with various stakeholders* Meticulous and possesses an eye for details* Proactive, keen to learn, enjoys solving challenging problems, thinking outside of the box* Diligent and open to feedback* Experience in a role balanced between business stakeholders and a central service organization.* Possess knowledge about application security to effectively support security assessments* Time and Task Management: Ability to prioritise risk, manage a variety of take, take ownership to drive completion of activities and deliver on time**Education and Experience**:* Interest in Information Security* Bachelor’s or master’s degree (technical degree) or equivalent Industry certification**Candidate Specifications:***Desired Certifications:** (Certifications aren’t a prerequisite however are well regarded)**Education Level:** Undergraduate Degree (e.g. BIT, BSc) STEM or equivalent work experience: 2 - 4 years’ of progressive professional roles involving information security, computer science and/or other technical background**Education** *(if blank, degree and/or field of study not specified)*Degrees/Field of Study required:Degrees/Field of Study preferred:**Certifications** *(if blank, certifications not specified)***Required Skills**Application Security, Application Security Assessment, Application Security Assessments, Application Security Reviews, Application Security Testing, Cybersecurity Controls, Cyber Security Standards, Security Vulnerability Assessments, Threat and Vulnerability Assessment, Vulnerability Assessments, Web Application Security, Web Application Security Testing**Optional Skills**Accepting Feedback, Accepting Feedback, Active Listening, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure, Operating Model, Optimism, Privacy and Security {+ 6 more}**Desired Languages** *(If blank, desired languages not specified)***Travel Requirements**0%NoNo**Job Posting End Date**
#J-18808-Ljbffr

United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia, Thailand and Vietnam, as well as branches and offices. Our history spans more than 80 years. Over this time, we have been guided by our values – Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.

About Department

The Technology and Operations function is comprised of five teams of specialists with distinct capabilities: business partnership, technology, operations, risk governance and planning support and services. We work closely together to harness the power of technology to support our physical and digital banking services and operations. This includes developing, centralising and standardising technology systems as well as banking operations in Singapore and overseas branches.

Job Objectives

• Act as the 1st line of defense with the responsibility to protect the bank information.

• Implement Information Security controls aligning with Group directions.

Responsibilities

• Access control management including provisioning, recertification, privilege access management.

• Conduct due diligence on 3rd parties providing services to UOB that involve information security.

• Conduct application security review for internal development.

• Drive the campaigns to raise awareness on Information Security among staffs following Group program.

• Support the mandatory trainings on Information Security for all staffs.

• DLP rules review and management.

• Manage exception handling process.

• Coordinate for Security projects being rolled out.

• Perform gap analysis against regulatory requirements.

• Prepare response and evidence submission for security assessment/review requested by various parties.

• Consult BUs/SUs on Information Security matters.

#J-18808-Ljbffr

KEY RESPONSIBILITIES

• Carry out the end-to-end security management for enterprise of application security, host security, data security, network security, including but not limited to security policy management and system maintenance.

• Responsible for the Governance, Risk and Compliance technical implementation of personal information protection requirements.

• Project management, plan and coordinate security tools implementation throughout the overseas region. Providing periodic reporting of progress and issues.

• Conduct and perform periodic security awareness training and phishing campaigns.

• Responsible for the break-down and implementation of the development work in the baseline specification and technical architecture.

• Provide day-to-day IT support to all employees, including troubleshooting hardware, software, network, and system issues.

• Manage and maintain IT infrastructure, including servers, network devices, computers, printers, and security systems.

KEY REQUIREMENTS

The ideal candidates we are looking for should be seasoned Information Security Professionals with:

• Bachelor’s degree or above in Computer Science.

• At least 3 years working experience in network or information security related fields.

• Familiar with ISO27001, ITIL related technical standards and control measures.

• Familiar with common information security products and technical principles, e.g. system and network security, DLP, antivirus, encryption, SIEM, Zero Trust etc.

• Security certification such as CISSP, CISA, CCNP, CCIE is preferred.

#J-18808-Ljbffr

1 year ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Job Description

Develop and continually refine the security framework, information security policies, processes, procedures, and guidelines.

Ensure compliance with these policies and procedures through regular security reviews and audits, including log analysis and security assessments of customer ICT systems.

Conduct security risk management exercises and table-top exercises.

Perform vulnerability assessments and coordinate penetration testing activities.

Deliver information security awareness training.

Develop and manage the customer’s security incident response plan.

Lead and support the customer in resolving and responding to security incidents.

Serve as the primary point of contact and advisor for the customer on ICT security-related matters.

Manage project activities and deliverables during the implementation phase.

Job Requirements

Minimum of 5 years of experience in IT security.

Experience with networks, servers (Windows and UNIX), and databases.

Proven track record in IT security auditing and security assessments.

Proficient in analyzing logs from various sources and understanding protocols and traffic flows.

Knowledge of Active Directory, endpoint protection solutions, Early Detection and Response solutions, Database Activity Monitoring tools, and SIEM.

Adaptable, team-oriented, and proactive personality.

Ability to independently organize and plan work.

Capable of working effectively in a rapidly changing environment.

Strong multi-tasking skills and the ability to switch contexts effectively between different activities and teams.

CISSP, CISM, Security+, or other relevant IT security certifications (e.g., Imperva, Carbon Black) are advantageous.

EA Licence No.:18S9405 / EA Reg. No.:R

Skills & Competencies

IT security,CISSP,CISM,Security+

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Percept Solutions by 2x

Get notified about new Information Security Analyst jobs in Singapore .

Information Technology - Cyber Security Analyst (Scoot) Security Specialist, Detection & Response, Global Security Organisation - TikTok, Singapore Information Security Analyst / IT Support Engineer Technology & Cyber Security Risk Analyst Information Technology - Cyber Security Specialist (Architecture and Engineering)

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Join to apply for the Information Security Engineer role at Manpower Singapore

2 days ago Be among the first 25 applicants

Join to apply for the Information Security Engineer role at Manpower Singapore

Information Security Engineer, Vulnerability Management and Operation

We are seeking an exceptional Security Engineer to support our vulnerability management program. This is a technical, operation-oriented, and hands-on role in a dynamic and fast-paced environment.

You'll work with various applications and systems to manage vulnerabilities, follow up with different teams, drive remediation, and improve current processes.

Description

• You will join a team that stays up to date on emerging security vulnerabilities and threats, maintains composure in crises, and advocates for improving product and service security.
• You need a good technical background and a strong interest in network, system, and web security.
• The role requires excellent communication skills to collaborate effectively with diverse teams. Responsibilities include:
• Working cross-functionally to identify and assess vulnerabilities, guiding teams through the remediation lifecycle with a focus on timely resolution and outcome-driven communication.
• Using programming to analyze large data dumps related to systems and applications to extract key information for vulnerability impact analysis.

Key Qualifications

• BSc in Computer Science, Information Technology, Information Security, or related field
• At least 3 years of experience in information security or related field
• Self-starter with flexibility to work remotely and support a global team
• Ability to manage multiple activities concurrently
• Passionate about data security
• Experience with vulnerability scanning tools like Tenable, Qualys, etc.
• Familiarity with common security vulnerabilities and their severity assessment
• Ability to analyze vulnerabilities and provide remediation guidance
• Independent in supporting and driving vulnerability remediation
• Continuous improvement mindset and automation skills
• Ability to run proof of concept for known vulnerabilities
• Understanding of IPv4 and IPv6 networks
• Proficiency in programming languages such as Python, Go, Rust, or Bash scripting
• Excellent critical thinking skills
• Problem-solving skills related to logic and algorithms
• Experience with SQL and Linux
• Experience with penetration testing
• Knowledge of the security research community

Note: Your response to this advertisement and communications will constitute informed consent for the collection, use, and disclosure of personal data by ManpowerGroup Singapore, in accordance with the Personal Data Protection Act 2012. For more information, visit ManpowerGroup's Privacy Policy .

#J-18808-Ljbffr

Job Description & Requirements

Haier is the number one brand of Major Appliances in the world with 16.3 percent of global market share. Headquartered in Qingdao, Haier has over 80,000 employees across 30 countries in the world.

Haier Singapore is the International HQ of Haier Group and is the main platform to provide procurement, trading, R&D and big data supports to over 80 countries in Asia, Europe, Africa and North America markets.

As the continuous demands from global businesses, we are looking for experienced Information Security Expert to support our Cybersecurity team in Singapore.

KEY RESPONSIBILITIES

• Carry out the end-to-end security management for enterprise of application security, host security, data security, network security, including but not limited to security policy management and system maintenance.
• Responsible for the Governance, Risk and Compliance technical implementation of personal information protection requirements.
• Project management, plan and coordinate security tools implementation throughout the overseas region. Providing periodic reporting of progress and issues.
• Conduct and perform periodic security awareness training and phishing campaigns.
• Responsible for the break-down and implementation of the development work in the baseline specification and technical architecture.

KEY REQUIREMENTS

The ideal candidates we are looking for should be seasoned Information Security Professionals with:

• Bachelor's degree or above in Computer Science.
• At least 3 years working experience in network or information security related fields.
• Familiar with ISO27001, ITIL related technical standards and control measures.
• Familiar with common information security products and technical principles, e.g. system and network security, DLP, antivirus, encryption, SIEM, Zero Trust etc.
• Security certification such as CISSP, CISA, CCNP, CCIE is preferred.

CyberArk Engineer

We are seeking a skilled and motivated CyberArk Engineer to join our growing security engineering team. In this role, you will be responsible for designing, implementing, and supporting privileged access management (PAM) solutions using CyberArk, ensuring the highest levels of security, compliance, and operational efficiency.

The ideal candidate will hold a CyberArk Certified Delivery Engineer (CDE) certification and have experience with Sentry (preferred). You will collaborate with cross-functional teams to protect sensitive data and critical systems from unauthorized access.

Key Responsibilities:

• Manage the onboarding and lifecycle of privileged accounts across various systems and environments.
• Implement CyberArk policies and security best practices to align with compliance and regulatory standards.
• Develop and maintain automation scripts and integrations with CyberArk using REST APIs, PowerShell, and other tools.
• Monitor and troubleshoot CyberArk infrastructure and user issues, providing escalation support as needed.
• Troubleshoot and remediate CyberArk Central Policy Manager (CPM) failures, including credential rotation errors, connectivity issues, and policy misconfigurations.
• Analyse CPM logs and error codes to identify root causes and implement durable solutions in collaboration with infrastructure and application teams.
• Perform health checks and tuning of CPM components to ensure stability and optimal performance.
• Basic understanding of custom CPM and PSM connectors for target platforms not natively supported by CyberArk.
• Work with application owners to gather requirements for new connectors, create integration documentation, and test connector functionality in pre-production environments.
• Leverage scripting (e.g., PowerShell, Python) to enhance connector behaviour and automate remediation tasks.
• Contribute to the connector certification process and maintain version control for custom components.
• Assist with audits, documentation, and reporting of privileged access activities.
• Work with IT, DevOps, and Security teams to integrate PAM solutions into existing workflows.
• Stay up to date with emerging threats, PAM trends, and CyberArk product updates.

Required Qualifications:

• CyberArk Certified Delivery Engineer (CDE) certification (must-have)
• 3+ years of experience implementing and supporting CyberArk solutions in enterprise environments
• Proficiency with CyberArk components and architecture
• Strong scripting skills (PowerShell, Python, etc.) and experience using CyberArk APIs
• Understanding of Identity and Access Management (IAM) concepts, Zero Trust, and least privilege
• Solid knowledge of Windows/Linux systems, Active Directory, and network security fundamentals

Preferred Qualifications:

• Experience or certification with Sentry
• CyberArk Defender or Guardian certification(s)
• Familiarity with cloud PAM implementations (AWS, Azure, GCP)
• Experience with SIEM tools and security monitoring
• Bachelor's degree in Computer Science, Information Security, or related field

Interested candidates may apply through the application system. We regret to inform only Shortlisted candidates will be notified.

By sending us your personal data and curriculum vitae (CV), you are deemed to consent to PERSOLKELLY Singapore Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at You acknowledge that you have read, understood, and agree with the Privacy Policy.

PERSOLKELLY Singapore Pte Ltd
• RCB No. E
• EA License No. 01C4394
• EA Registration No. R (Derrick Tiew Yong Han)