245 Security Design jobs in Singapore

Posted 29 July 2025 Salary S$12000 - S$13000 per annum + Variable Bonus Location Singapore Job type Permanent Discipline Technology Reference 283869_1753768672

Our client is seeking an experienced Information Security Manager to lead and strengthen their security operations. This role will focus on monitoring, detecting, and responding to cyber threats, managing security technologies, driving vulnerability management initiatives, and ensuring compliance with industry regulations. The position will work closely with IT, engineering, and risk management teams to maintain a secure and resilient environment.

Key Responsibilities:

1. Security Operations & Incident Response

• Lead and enhance the operations of the Security Operations Center (SOC), ensuring timely monitoring, detection, and incident response.
• Manage and optimize the use of SIEM, EDR, IDS/IPS, and other security technologies.
• Oversee the full incident response lifecycle, including investigation, containment, eradication, and recovery.
• Conduct post-incident reviews and implement continuous improvements.

2. Vulnerability & Threat Management

• Coordinate vulnerability scanning, penetration testing, and remediation activities.
• Stay informed of emerging threats and ensure proactive security measures are implemented.
• Partner with IT and engineering teams to address vulnerabilities and harden systems.

3. Security Compliance & Risk Management

• Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, MAS TRM, GDPR).
• Support internal and external audits, risk assessments, and regulatory reviews.
• Maintain and continuously update security policies, standards, and procedures

4. Security Awareness & Collaboration

• Lead security awareness and training initiatives across the organization.
• Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines.
• Engage with external vendors, partners, and law enforcement on security-related matters.

Key Requirements:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Minimum 5 years of experience in information security, with at least 2 years in a leadership or management role within security operations.
• Hands-on experience with security technologies such as SIEM (Splunk, Azure Sentinel), EDR, IDS/IPS, firewalls, and cloud security platforms (AWS, Azure, GCP).
• Strong understanding of threat intelligence, malware analysis, and forensic investigation tools.
• Knowledge of regulatory compliance frameworks, particularly within the financial services sector (PCI DSS, MAS TRM, GDPR).

If this job isn't quite right for you, but you know someone who would be great at this role, why not take advantage of our referral scheme? We offer SGD1,000 or SGD350 in shopping vouchers for every referred candidate who we place in a role. Terms & Conditions Apply.

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Ambition

Overview:

Our client is seeking an experienced Information Security Manager to lead and strengthen their security operations. This role will focus on monitoring, detecting, and responding to cyber threats, managing security technologies, driving vulnerability management initiatives, and ensuring compliance with industry regulations. The position will work closely with IT, engineering, and risk management teams to maintain a secure and resilient environment.

Key Responsibilities:

1. Security Operations & Incident Response

• Lead and enhance the operations of the Security Operations Center (SOC), ensuring timely monitoring, detection, and incident response.
• Manage and optimize the use of SIEM, EDR, IDS/IPS, and other security technologies.
• Oversee the full incident response lifecycle, including investigation, containment, eradication, and recovery.
• Conduct post-incident reviews and implement continuous improvements.

2. Vulnerability & Threat Management

• Coordinate vulnerability scanning, penetration testing, and remediation activities.
• Stay informed of emerging threats and ensure proactive security measures are implemented.
• Partner with IT and engineering teams to address vulnerabilities and harden systems.

3. Security Compliance & Risk Management

• Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, MAS TRM, GDPR).
• Support internal and external audits, risk assessments, and regulatory reviews.
• Maintain and continuously update security policies, standards, and procedures

4. Security Awareness & Collaboration

• Lead security awareness and training initiatives across the organization.
• Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines.
• Engage with external vendors, partners, and law enforcement on security-related matters.

Key Requirements:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Minimum 5 years of experience in information security, with at least 2 years in a leadership or management role within security operations.
• Hands-on experience with security technologies such as SIEM (Splunk, Azure Sentinel), EDR, IDS/IPS, firewalls, and cloud security platforms (AWS, Azure, GCP).
• Strong understanding of threat intelligence, malware analysis, and forensic investigation tools.
• Knowledge of regulatory compliance frameworks, particularly within the financial services sector (PCI DSS, MAS TRM, GDPR).

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Information Services

Referrals increase your chances of interviewing at Ambition by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

The Cybersecurity Engineer will be responsible for designing and implementing secure, resilient system architectures while ensuring security is embedded throughout the development lifecycle. This role requires a deep understanding of cybersecurity frameworks, threat modeling, and risk mitigation strategies to protect enterprise systems against evolving threats.

• Secure System Architecture & Design:
  • Design and implement robust security architectures for enterprise systems, applications, and cloud environments.
  • Develop security blueprints, reference architectures, and design patterns to standardize secure development practices.
  • Ensure security-by-design principles are integrated into all phases of the Software Development Lifecycle.
• Risk Mitigation & Threat Modeling:
  • Conduct threat modeling (e.g., STRIDE, DREAD) to identify vulnerabilities in system designs.
  • Define security controls to mitigate risks from emerging technologies (e.g., cloud, IoT, AI).
  • Perform security impact assessments for new business initiatives and technology deployments.
• Security Integration & Compliance:
  • Align security architectures with industry standards (NIST CSF, ISO 27001, CIS, OWASP).
  • Ensure compliance with regulatory requirements (GDPR, HIPAA, PCI-DSS, SOC 2).
  • Collaborate with DevSecOps teams to integrate security into CI/CD pipelines.
• Security Documentation & Governance:
  • Produce detailed security design documents, including:
    Security architecture diagrams
    Data flow models with security controls
    Encryption and access control policies
  • Maintain security baselines for systems and applications.
  • Support audits, penetration tests, and vulnerability assessments.

• Education & Experience
  • Bachelor's/Master's in Cybersecurity, Computer Science, or related field.
  • 3-5+ years in cybersecurity, with a focus on secure architecture design, risk assessment, or cloud security.
  • Hands-on experience with:
    Cloud security (AWS/Azure/GCP) and hybrid environments.
    Identity & Access Management (IAM), PKI, and encryption.
    SIEM, EDR/XDR, firewalls, and network security.
• Technical Competencies
  • Security Frameworks: NIST, ISO 27001, CIS, MITRE ATT&CK.
  • Threat Modeling Tools: Microsoft Threat Modeling Tool, OWASP Threat Dragon.
  • Security Automation: Experience with IaC (Terraform, Ansible) and DevSecOps tools (GitLab, Jenkins).
• Certifications (Preferred)
  • CISSP, CCSP, CISA, CISM, AWS/Azure Security, SABSA, TOGAF.
• Soft Skills
  • Strong analytical and problem-solving abilities.
  • Ability to translate technical risks into business impacts.
  • Excellent communication and stakeholder management skills.

This is a challenging role for an experienced Cyber Security Specialist to join our organization as a key member of the team. As a Cyber Security Expert, you will be responsible for deploying, configuring and maintaining CyberArk components across various systems and environments.

• CyberArk Deployment and Maintenance:
• Manage the onboarding and lifecycle of privileged accounts across various systems and environments.
• Implement CyberArk policies and security best practices to align with compliance and regulatory standards.
• Develop and maintain automation scripts and integrations with CyberArk using REST APIs, PowerShell, and other tools.
• Monitor and troubleshoot CyberArk infrastructure and user issues, providing escalation support as needed.

• CyberArk Certified Delivery Engineer (CDE) certification.
• At least 3 years of experience implementing and supporting CyberArk solutions in enterprise environments.
• Strong scripting skills (PowerShell, Python, etc.) and experience using CyberArk APIs.
• Understanding of identity and access management (IAM) concepts, Zero Trust, and least privilege.

• Sentry experience or certification.
• CyberArk Defender or Guardian certification(s).
• Familiarity with cloud PAM implementations (AWS, Azure, GCP).
• Experience with SIEM tools and security monitoring.

Job Title: Information Security Expert

We are seeking an experienced Information Security Expert to join our team.

This is a highly specialized role that requires extensive knowledge of IT system security and infrastructure security. The successful candidate will have at least 5 years of experience in monitoring the availability, operational stability, and system performance of server/network components of security tools installed in the organization.

The ideal candidate will be proficient in developing, testing, and deploying scripts for software and/or agent upgrades and bug fixes when required. They should also be able to participate in Disaster Recovery exercises when needed and willing to learn and support new products.

Key Responsibilities:

1. Develop, test, and deploy scripts for software and/or agent upgrades and bug fixes
2. Participate in Disaster Recovery exercises
3. Monitor the availability, operational stability, and system performance of server/network components of security tools
4. Support the implementation of cybersecurity policies and procedures
5. Collaborate with cross-functional teams to ensure effective communication and project delivery

Requirements:

• 5+ years of experience in Cyber Security, IT System Security, and infrastructure security
• Proficient skills in developing, testing, and deploying scripts for software and/or agent upgrades and bug fixes
• Ability to participate in Disaster Recovery exercises
• Excellent communication and collaboration skills

What We Offer:

A competitive compensation package and opportunities for career growth and development in a dynamic and innovative work environment.

• Manage the onboarding and lifecycle of privileged accounts across various systems and environments.
• Implement CyberArk policies and security best practices to align with compliance and regulatory standards.
• Develop and maintain automation scripts and integrations with CyberArk using REST APIs, PowerShell, and other tools.
• Monitor and troubleshoot CyberArk infrastructure and user issues, providing escalation support as needed.
• Troubleshoot and remediate CyberArk Central Policy Manager (CPM) failures, including credential rotation errors, connectivity issues, and policy misconfigurations.
• Analyse CPM logs and error codes to identify root causes and implement durable solutions in collaboration with infrastructure and application teams.
• Perform health checks and tuning of CPM components to ensure stability and optimal performance.
• Basic understanding of custom CPM and PSM connectors for target platforms not natively supported by CyberArk.
• Work with application owners to gather requirements for new connectors, create integration documentation, and test connector functionality in pre-production environments.
• Leverage scripting (e.g., PowerShell, Python) to enhance connector behaviour and automate remediation tasks.
• Contribute to the connector certification process and maintain version control for custom components.
• Assist with audits, documentation, and reporting of privileged access activities.
• Work with IT, DevOps, and Security teams to integrate PAM solutions into existing workflows.
• Stay up to date with emerging threats, PAM trends, and CyberArk product updates.

• CyberArk Certified Delivery Engineer (CDE) certification (must-have)
• 3+ years of experience implementing and supporting CyberArk solutions in enterprise environments
• Proficiency with CyberArk components and architecture
• Strong scripting skills (PowerShell, Python, etc.) and experience using CyberArk APIs
• Understanding of Identity and Access Management (IAM) concepts, Zero Trust, and least privilege
• Solid knowledge of Windows/Linux systems, Active Directory, and network security fundamentals

• Experience or certification with Sentry
• CyberArk Defender or Guardian certification(s)
• Familiarity with cloud PAM implementations (AWS, Azure, GCP)
• Experience with SIEM tools and security monitoring
• Bachelor's degree in Computer Science, Information Security, or related field

As a Cyber Security Professional, you will be responsible for safeguarding digital assets by identifying and mitigating potential security risks.

The key focus of this role is on the effective management and optimization of security systems. You will need to ensure they provide actionable intelligence for rapid threat response.

• Ensure accurate and timely response to security events
• Analyze security logs, alerts, and incident reports to identify and mitigate risks
• Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks
• Monitor networks and systems for security breaches, alerts, and anomalous activity
• Conduct root-cause analysis to prevent future incidents and develop incident response procedures
• Provide analysis and trending of security log data from various security devices
• Configure and maintain security tools to align with organizational security objectives and threat landscape
• Create custom dashboards and reports for different stakeholders to visualize critical security metrics and incident data
• Develop and optimize security content, including rules, alerts, and correlation logic, to improve threat detection and response
• Regularly review and tune security rules to reduce false positives, enhance event correlation, and maintain relevance to evolving threats
• Document and update security processes and configurations, ensuring high level of data accuracy and availability
• Perform regular vulnerability scans and assist in patch management processes. Work with IT teams to prioritize and remediate them
• Recommend solutions to mitigate risks in any activity that may potentially impact security of existing IT and information management
• Ensure compliance with industry regulations (e.g. GDPR, ISO 27001) and organizational policies
• Assist in development, implementation, and maintenance of security policies, standards, and guidelines
• Assist in training staff on security best practices, including phishing awareness and data protection
• Help develop educational materials and conduct periodic security awareness training
• Advise and consult internal/ external customers on risk assessment, threat modelling and vulnerability management. Perform risk assessments and recommend security measures to mitigate potential risks
• Document risks, vulnerabilities, and remediation strategies in detailed risk management report
• Maintain up-to-date knowledge of IT security industry, including awareness of new or revised security solutions, improved security processes and development of new attacks and threat vectors
• Manage and optimize security tools, such as firewalls, antivirus software, and intrusion detection/prevention systems (IDPS)
• Perform 1st level troubleshooting on servers and network issues with regards to log collection/ security tools
• Generate reports on security metrics, incidents, and remediation efforts for management
• Maintain accurate documentation of incidents, security changes, and system configurations

This role requires strong understanding of security best practices, hands-on experience with various security tools, and ability to respond quickly and effectively to emerging threats. You will need to have excellent communication skills, with ability to explain complex security concepts to non-technical stakeholders.

You should have Bachelor Degree or Advanced Diploma in Computer Science, Information Technology, Cybersecurity from recognized university or related field (or equivalent experience). At least 1-3 years in cybersecurity role, with hands-on experience in SIEM content management, network security, threat monitoring, or incident response are required.

We are seeking an experienced Senior Cybersecurity Specialist to lead and strengthen our cybersecurity operations across the region.

This is a critical role where you will be responsible for managing the overall security operations framework - covering threat detection, incident response, vulnerability management, and compliance while working closely with IT, engineering, and risk stakeholders.

• Cybersecurity Framework & Operations Management

• Lead the Security Operations Center (SOC) to monitor, detect, and respond to cybersecurity threats and incidents.

• Manage security solutions such as SIEM, EDR, and IDS/IPS to enhance visibility and response capabilities.

• Oversee and coordinate incident response activities including investigation, containment, recovery, and post-incident review.

• Vulnerability Assessment & Threat Intelligence

• Conduct and manage regular vulnerability assessments and penetration testing.

• Collaborate with internal teams to ensure timely remediation of security gaps.

• Track and assess evolving threats and proactively implement preventive measures.

• Cybersecurity Governance & Compliance

• Ensure compliance with relevant standards and frameworks such as PCI DSS, MAS TRM, and GDPR.

• Support internal/external audits and regulatory reviews.

• Maintain and update cybersecurity policies, standards, and documentation.

• Cybersecurity Awareness & Training

• Drive security awareness training across the organization.

• Partner with DevOps/engineering teams to embed security practices into CI/CD pipelines.

• Liaise with vendors, regulators, and external partners on security-related matters.

• Bachelor's degree in Cybersecurity, Computer Science, or a related discipline.

• At least 5 years of experience in cybersecurity, with 2+ years in a leadership or SOC management role.

• Hands-on experience with modern security tools including SIEM (Splunk, Sentinel), EDR, firewalls, and cloud security platforms (AWS, Azure, GCP).

• Solid knowledge of incident handling, threat intelligence, malware analysis, and digital forensics.

• Familiarity with financial sector regulations such as PCI DSS and MAS TRM is highly preferred.

• Strong leadership, stakeholder engagement, and communication skills.