230 Security Compliance jobs in Singapore

We are seeking a skilled
Hadoop Security & Compliance Engineer
to design and maintain secure, compliant, and high-performing enterprise data platforms. The role involves implementing and managing
Hadoop ecosystem security , ensuring
data governance , and supporting
regulatory compliance
across
Cloudera CDP/CDH
environments.
Key Responsibilities
Configure and manage
Kerberos, Ranger/Sentry, LDAP , and
Encryption Zones
for secure access and data protection.
Enforce governance policies aligned with
MAS TRM, PDPA, and ISO 27001
standards.
Perform
security audits, vulnerability assessments , and implement remediation plans.
Automate compliance monitoring and reporting via
Python/Shell scripting .
Collaborate with data engineering, DevOps, and security teams for
secure platform integration
(AWS/GCP).
Monitor system health using
Cloudera Manager, Geneos, and CloudWatch
to ensure platform reliability and compliance.
Required Skills
Hands‐on experience with
Hadoop (HDFS, Hive, YARN, Spark, Kafka)
and
Cloudera CDP/CDH .
Strong knowledge of
Kerberos, Sentry/Ranger, ACLs, and encryption .
Proficient in
Linux administration, CI/CD, and scripting (Python, Bash) .
Familiarity with
AWS Cloud (S3, EMR, IAM, VPC)
integration.
#J-18808-Ljbffr

We are seeking a skilled Hadoop Security & Compliance Engineer to design and maintain secure, compliant, and high-performing enterprise data platforms. The role involves implementing and managing Hadoop ecosystem security , ensuring data governance , and supporting regulatory compliance across Cloudera CDP/CDH environments.

Key Responsibilities:

· Configure and manage Kerberos, Ranger/Sentry, LDAP , and Encryption Zones for secure access and data protection.

· Enforce governance policies aligned with MAS TRM, PDPA, and ISO 27001 standards.

· Perform security audits, vulnerability assessments , and implement remediation plans.

· Automate compliance monitoring and reporting via Python/Shell scripting .

· Collaborate with data engineering, DevOps, and security teams for secure platform integration (AWS/GCP).

· Monitor system health using Cloudera Manager, Geneos, and CloudWatch to ensure platform reliability and compliance.

Required Skills:

· Hands-on experience with Hadoop (HDFS, Hive, YARN, Spark, Kafka) and Cloudera CDP/CDH .

· Strong knowledge of Kerberos, Sentry/Ranger, ACLs, and encryption .

· Proficient in Linux administration, CI/CD, and scripting (Python, Bash) .

· Familiarity with AWS Cloud (S3, EMR, IAM, VPC) integration.

Overview
AGES is a comprehensive solutions provider for various cyber and IT applications. Established in 2004, the company is accredited as a Qualified Security Assessor (QSA) organization and offers independent security audits, assessments, and compliance validation services.
AGES focuses on addressing security threats arising from business dependencies on technologies, particularly in payment and mobile security controls. The company aims to establish a more secure platform for these industries and to integrate sustainability and ESG initiatives into its core operations, with a view toward becoming a global top audit provider for security programs.
As a pioneer in cryptography, cyber security, and related payment environments, AGES brings together experts across cyber technologies, cryptography, payment systems security, IT security, systems development, project management, and business development. The team has experience with organizations such as PCI SSC, MasterCard, VISA, AMEX, JCB, Diners/Discover, NPCI – RuPAY, and UnionPay International (China UnionPay – UPI).
AGES is committed to PCI Card Production and Provisioning (CP) security assessments that cover physical and logical security, cybersecurity, information security, network and data security, and cryptographic key management.
Responsibilities
We are looking for competent individuals to join our team to conduct security assessments and vulnerability testing relating to the payment and IT security industry.
To evaluate technologies against cybersecurity standards and stay current on IT security regulations and standards (e.g., PCI CPSA, PCI DSS, PCI 3DS).
Undergo company bond-sponsorship for industrial professional certifications, courses, examinations, and overseas on-the-job trainings.
Weekly traveling is required.
This role is suitable for a highly organized individual with strong language skills, excellent interpersonal abilities, good writing skills, and a keen interest in IT to join our expert IT auditing and security team.
Your Key Responsibilities
Conduct compliance assessments, provisioning of assessment reports, perform vulnerability scans and network penetration tests for local and overseas customers (if required), and contribute to the enhancement of the in-house penetration test system - PAYGE, including system security testing and quality assurance activities.
Perform network penetration testing following the NIST SP 800-115, using tools such as Metasploit, Wireshark, Nessus, Nikto, Nicat, John the Ripper, AppScan, Greenbone, and Netcraft.
Configure VM images for VM Box used for vulnerability scans and network penetration tests; VM images may deploy Kali Linux.
Engage with clients in scope, including but not limited to organizations certified under PCI CP and PCI DSS programs, for assessments and testing.
Document work papers, prepare reports, ensure quality assurance, and attend in-house training sessions.
Perform any other ad-hoc tasks and job rotations as assigned by your reporting officer.
Requirements
Degree in Computing or equivalent (with relevant industry certifications) with a minimum of 1 to 10 years of IT experience.
Able to travel weekly for short trips.
Ability to speak and write for Taiwanese-speaking clients.
Certified CISA and CISM/CISSP preferred.
Why join our team?
AGES offers a friendly working environment with a highly motivated and hard-working team. This role suits those who enjoy verifying information, have an inquisitive mind, are effective communicators, and enjoy challenging themselves to make a positive impact for clients and colleagues.
The IT security and audit industry is fast-paced and busy, and we seek colleagues with a positive, results-focused attitude who may travel worldwide for work-related projects.
With broad experience and strong technical and communication skills in the payment security assessment domain, this role can lead to opportunities in IT Risk Management, IT Compliance, Technology Operations, and Cyber Information Security.
To find out more about us #J-18808-Ljbffr

Senior Product Manager – Security & Compliance
Location:
Team:
Product
Employment Type:
Regular
Job Code:
A A
ByteDance will be prioritizing applicants who have a current right to work in Singapore, and do not require ByteDance's sponsorship of a visa.
About the Team
The Information System is based on the needs of the company's internal system construction and responsible for the planning and construction of internal human resources, workplace service, finance, legal affairs, procurement, approval and other internal systems, demand and project management, information security management, system configuration, operation and maintenance of the company. The Privacy and Security Team focuses on developing and managing products related to internal data security and compliance governance. Key initiatives include:- Designing, implementing, and operating the Data Center Operation Gateway.- Designing, implementing, and operating eDiscovery and Data Vault products in Bytedance.
Our Product Management team is presently looking to bring on board a Product Manager with expertise in product lifecycle management. To achieve long-term product goals, you will be responsible for creating solutions focused on:- Implementing Product Designs to maintain security and compliance of the company in related data management areas.- Innovating Product Experiences to improve business operation efficiency.
What you will do
Define, drive and own product portfolio strategy, roadmap, and objectives, supported by robust qualitative and quantitative evidence.
Craft and communicate a compelling long-term product vision, utilising business knowledge and data to secure alignment and buy-in from stakeholders.
Establish and monitor key metrics to evaluate product health and project success, using insights from portfolio metrics to inform decisions and drive tactical actions.
Lead technical explorations and collaborate with development teams to validate hypotheses, refine solutions, and ensure alignment on strategic direction.
Manage scoping and prioritization effectively, navigating conflicts and adapting to changes while maintaining focus on business objectives.
Oversee critical defect resolution with clear prioritization, management, and communication to stakeholders.
Build consensus and influence cross-functional teams without direct authority, ensuring seamless collaboration to achieve goals.
Mentor and coach less experienced team members, fostering skill development and growth in product management capabilities.
Qualifications
Minimum Qualifications:
More than 5 years of experience in Product Management.
Bachelor’s degree (or equivalent) in Computer Science, Mathematics, or a related field with relevant experience in technology product strategy and development.
In-depth understanding of software development lifecycle and Agile methodologies.
Strong proficiency in data analysis, using insights to monitor product health, set objectives, validate assumptions, and track success.
Proven ability to manage multiple projects and prioritize tasks based on organizational goals, with exceptional attention to detail in creating and refining deliverables.
Excellent communication, facilitation, and analytical skills, complemented by strong business and technical acumen, including problem-solving and critical thinking.
Preferred Qualifications:
Experience in developing eDiscovery solutions, operational gateways, or permission management systems.
Knowledge of privacy data compliance regulations across key regions, including GDPR.
Demonstrated use of OKRs or similar outcome-based frameworks that prioritize results over feature development.
Job Information
About Us
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Lemon8, CapCut and Pico as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.
Why Join ByteDance
Inspiring creativity is at the core of ByteDance's mission. Our innovative products are built to help people authentically express themselves, discover and connect – and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and enrich life - a mission we work towards every day.
As ByteDancers, we strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our Company, and our users. When we create and grow together, the possibilities are limitless. Join us.
Diversity & Inclusion
ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
#J-18808-Ljbffr

Security Compliance Manager– Singapore Malaysia Vietnam Maternity Cover (6 months)
1 Grange Rd, Singapore
Full-time
Department: H&M Group
Company Description
H&M Brand is on an exciting journey to again become a truly customer focused company. In line with our Omni transformation, we want to achieve clear ownership, fuel our salesmanship, enable speed and build on our passion for the customer throughout the organisation.
Job Description
You ensure business continuity by management of risks. Providing peace of mind, you manage and support your team to ensure the H&M Group is a place where employees and customers can feel safe. You drive the 5 security areas by influencing behavior through effective leadership in your local organization.
Key responsibilities
Risk Management: Regular assessment, analysis, identification and evaluation of potential risk to minimize threat exposure. Implement and ensure compliance strategies are accordance to global brand policies, standards and local legislation.
Health & Safety: Contribute and sustain a healthy and safe work environment throughout the business by ensuring company’s crisis management process are followed and taught; take preventive measures, recognize safety hazards and initiate actions to prevent incidents to our employee and customers.
Asset Protection: You work proactively with H&M group technology and people, continuously looking for better ways of protection, planning and purchasing security services and product according to global project management and sourcing process. You have a good technical knowledge on all global and local security systems and manages inventory preparation with relevant departments.
Loss Prevention: Follow up and analyze shrinkage results, main KPIs and initiate actions preventing loss and increasing profit. Implement and maintain Loss Prevention Strategy and investigate on frauds as needed. Ensure LP tools are used to their full potential.
Information Security: Being advisor to your management on cyber security risk, ensuring compliance with Data Privacy, PCI DSS and information security.
Qualifications
High performing manager with 2-3 years security and track leadership.
Formal education with Business Admin Certification, and other security related certification (CPP, PSP, APP, PMP, etc).
Great command of English both spoken and written, strong communication and presentation skills with ability to present to stakeholders and wider audience.
Analytical, numbers and fact driven with strong knowledge on policies implementation and compliance.
Strong organizational and prioritizing skills and competency with office 365 tools.
Additional Information
If you feel that your experience, skills and ambitions are a match, apply latest by 11th JULY 2021. We’re more about personality and competence than qualifications, so don’t worry if your skills aren’t a perfect match. This position is based in Singapore Support Office and is a Maternity Cover for 6 months.
#J-18808-Ljbffr

Location: CBD, Singapore

Type: 1-year contract (with possible extension)

This is a leadership n Hands on role — you'll help set the strategy, make big decisions on security, and lead responses if anything goes wrong

You are tasked with keeping the company's IT systems and data secure.

This includes making sure there are strong security policies, protecting against cyber threats, and helping the company meet regulations.

You'll work closely with top management and teams across the company to manage risks and improve cybersecurity.

When need arises. you will need to hands on to solve the problems

.

Job scope:

Leadership

• Set and lead the company's overall IT security plan.
• Advise top leaders on cybersecurity matters.
• Create security rules and make sure everyone follows them.
• Help other departments understand and support security goals

Operations

• Manage the IT security budget carefully.
• Track performance — like system downtime, incident handling speed, and vendor performance.
• Make business cases to justify investments in security tools or projects.

Cybersecurity Incident Handling

• Keep improving systems to detect and prevent cyberattacks.(Leadership and Hands on)
• Monitor for threats and respond quickly if there's a breach.(Leadership and Hands on)

Compliance

• Identify and manage cybersecurity risks (including third-party/vendor risks).
• Ensure the company follows laws and industry standards (like MAS TRM, ISO 27001).
• Regularly check and report on security risks and how they're being handled.

Requirement

• A degree in Computer Science, IT with Certification :CISSP, CISM, CISA, CRISC, or CCSP.
• 5 years in IT Security n 3years in a leadership role like IT Security Manager or CISO.

Added advantage:

Finance or insurance domain.

Other Skills

• Strong knowledge of cybersecurity laws, risks, and standards.
• Ability to explain technical issues to non-technical people.
• Good leadership and teamwork skills.
• Experience with budgeting and running IT security projects.

What You'll Be Measured On:

• Annual cybersecurity strategy report
• Quarterly risk reports and dashboards
• Performance metrics (e.g: incident handling, cost efficiency)
• Budget usage and cost tracking
• Regular reviews of IT security performance and vendor quality

Work location :CBD

Whats on offer

(1) Attractive package

(2) Stable Management

(3) Dynamic work environment.

For better response, pls apply via job page

click job opening, click relevant position.

We regret that only shortlisted candidates will be notified.

Carry out the end-to-end security management for enterprise of application security, host security, data security, network security, including but not limited to security policy management and system maintenance.
Responsible for the Governance, Risk and Compliance technical implementation of personal information protection requirements.
Project management, plan and coordinate security tools implementation throughout the overseas region. Providing periodic reporting of progress and issues.
Conduct and perform periodic security awareness training and phishing campaigns.
Responsible for the break-down and implementation of the development work in the baseline specification and technical architecture.
The ideal candidates we are looking for should be seasoned Information Security Professionals with:
KEY REQUIREMENTS
Bachelor’s degree or above in Computer Science.
At least 3 years working experience in network or information security related fields.
Familiar with ISO27001, ITIL related technical standards and control measures.
Familiar with common information security products and technical principles, e.g. system and network security, DLP, antivirus, encryption, SIEM, Zero Trust etc.
Security certification such as CISSP, CISA, CCNP, CCIE is preferred.
#J-18808-Ljbffr

**Line of Service**Internal Firm Services**Industry/Sector**Not Applicable**Specialism**IFS - Risk & Quality (R&Q)**Management Level**Associate**Job Description & Summary**At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at
If you love the business side of information security this is the place to be. Within the CISO pillar we work closely with member firm stakeholders to understand their business model and roadmap for technology.
In turn the CISO pillar outlines the roadmap for NIS and drives engagement and adoption of central security services in line with the PwC Cyber Readiness program.
Our mission is to identify, control, and reduce the attack surface across the network of member firms while increasing our adversaries’ cost of attack.
Network Information Security team is redefining cyber security on a global scale at PwC. Our mission protects 223,000 PwC members across 157 member firms worldwide, as well as our global clients.
If you are seeking an exciting career with the scope to grow your information and cyber security skills, then NIS will empower you to do so.**Roles & Responsibilities**:**Project Support:*** Assist in the planning, execution, and monitoring of projects.* Utilise strong critical thinking and problem solving skills day to day* Collaborate with team members to ensure project deliverables are met on time and within scope.* Prepare and maintain project documentation, including reports, presentations, and meeting minutes.* Quickly adapt to changing priorities and project requirements.* Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment.* Proactively identify and address potential issues or roadblocks to ensure smooth project execution.* Work with other NIS teams both locally, regionally and globally to deliver the security needs specific to the firm.**Compliance and Vulnerability Management:*** Support work in vulnerability management and compliance activities* Handles BAU activities such as managing security exceptions* Help the business comply with the Information Security Policy by leveraging your cyber security knowledge and expertise.* Collaborate with PwC IT and global team to align security process and tools.**Application Security:*** Guide and support the business team to complete all required security reviews* Build knowledge on application security to effectively support security assessments* Align with different global and local teams to identify and fix gaps or risk found.**Other*** Help with daily security incident handling* Help to manage junior staff, eg. internsAn effective CISO pillar candidate will also possess the following **skills/ Requirements*** Able to work in a fast-paced environment, can upskill quickly and learn proactively* Analytical: Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.* Technical: Broad understanding of security technology.* Business: High level understanding of PwC’s business model, service offerings, and business operating environment as it pertains to the firm’s threat landscape. Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.* Individuals selected for this role are expected to have both extensive knowledge and managerial know-how related to the following aspects: Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment* Understanding of technical and non-technical information security risks.* Have skills to analyse data and visualise data (good to have knowledge of Excel, PowerPoint etc.)* Good written and effective communicator to deal with various stakeholders* Meticulous and possesses an eye for details* Proactive, keen to learn, enjoys solving challenging problems, thinking outside of the box* Diligent and open to feedback* Experience in a role balanced between business stakeholders and a central service organization.* Possess knowledge about application security to effectively support security assessments* Time and Task Management: Ability to prioritise risk, manage a variety of take, take ownership to drive completion of activities and deliver on time**Education and Experience**:* Interest in Information Security* Bachelor’s or master’s degree (technical degree) or equivalent Industry certification**Candidate Specifications:***Desired Certifications:** (Certifications aren’t a prerequisite however are well regarded)**Education Level:** Undergraduate Degree (e.g. BIT, BSc) STEM or equivalent work experience: 2 - 4 years’ of progressive professional roles involving information security, computer science and/or other technical background**Education** *(if blank, degree and/or field of study not specified)*Degrees/Field of Study required:Degrees/Field of Study preferred:**Certifications** *(if blank, certifications not specified)***Required Skills**Application Security, Application Security Assessment, Application Security Assessments, Application Security Reviews, Application Security Testing, Cybersecurity Controls, Cyber Security Standards, Security Vulnerability Assessments, Threat and Vulnerability Assessment, Vulnerability Assessments, Web Application Security, Web Application Security Testing**Optional Skills**Accepting Feedback, Accepting Feedback, Active Listening, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure, Operating Model, Optimism, Privacy and Security {+ 6 more}**Desired Languages** *(If blank, desired languages not specified)***Travel Requirements**0%NoNo**Job Posting End Date**
#J-18808-Ljbffr

Perform IT security operations involving activities such as security
log reviews, vulnerability assessments, security access review and
security configuration review to ensure compliance based on customers'
requirements. Critical Key Functions and Key Tasks Perform
Vulnerability Assessment Scanning

* Work with the internal project
team and customers to establish the in-scope inventories.

* Prepare the environment and complete the pre-scan activities.

* Conduct vulnerability assessment scanning using the designated tool.

* Review
the scan results, process the results, and issue the scan reports to
stakeholders. * Follow up with the internal teams on the remediation.
* Published the remediation status IT Security Incident Management

* Involved in IT Security Incident Response Team (SIRT)

* Work with internal teams to resolve the reported security incidents

* Provide periodic status updates to IT Security Manager IT Security Alerts &
Advisory

* Tracking of IT security alerts and advisory issued by SOC and threat intelligence authorities. * Inform the appropriate stakeholders on the alert notifications

* Track the progress of remediations by the respective teams to ensure proper closure

* Conduct Security Log reviews

* Perform review of security logs in accordance to the agreed frequency.

* Investigate and clarify any anomaly with the respective towers.

* Escalate potential security incidents to project team and customers for attention.

* Prepare periodic log review reports. Security Advisory and Briefing

* Be the point-of-contact/customer liaison to assist and advise customer for ICT security related matters

* Conduct in Weekly / Monthly meeting with Customers on security related matters.

* Prepare the content and material relevant to the projects

* Conduct information security awareness training Support Audit & Compliance

* Act as the liaison officer for the IT security reviews and audits

* Collate and review information requested by auditors from respective teams.

* Support the auditors during audit period.

* Work with the team to review and respond to audit issues.

* Work with the team to remediate audit findings.

* Monitor and track the closure of audit findings.

* Other Ad-hoc activities instructed by manager.