225 Security Governance jobs in Singapore

Senior Security Governance Engineer - Infrastructure Security
About The Team
We are looking for a senior security engineer to support security governance projects and optimise security tool operations. This role requires a strong technical foundation in security engineering, risk management, and automation, along with the ability to drive security initiatives, improve workflows, and collaborate across teams.
Responsibilities
Drive security risk governance projects by identifying vulnerabilities, prioritizing remediation efforts, and working with teams to implement security controls.
Conduct deep technical assessments of network architecture, infrastructure operations, and internal core systems to proactively mitigate security risks.
Work closely with Engineering, Infrastructure, and DevOps teams to integrate security best practices into system design, ensuring reliability, scalability, and security.
Requirements
Minimum 3 years of experience in cybersecurity, security governance, security tool operations, or infrastructure-related fields.
Familiar with real world intrusions, in-depth understanding of the how common hacking tools and attacking vectors work.
Strong hands‐on experience in proactively identifying technical / procedural risks related to IT infrastructures.
Proficiency in security automation and scripting (Python, Bash, or similar).
In‐depth knowledge of infrastructure security, vulnerability management, and system hardening across on‐premise and cloud environments.
Strong analytical and problem‐solving skills, with the ability to manage multiple security initiatives while balancing operational demands.
Excellent project management, documentation, and communication skills, ensuring alignment with cross‐functional teams and leadership.
Ability to translate complex security risks into actionable insights for both technical and non‐technical stakeholders.
Seniority Level: Mid‐Senior level
Employment Type: Full‐time
Job Function: Information Technology
Industries: Software Development, Internet Marketplace Platforms, and Technology, Information and Internet
#J-18808-Ljbffr

Overview
Binance Accelerator Program - Security Governance is a full-time role (able to work at least four days a week) for students or fresh graduates, located in Asia. This position is with Binance, a leading global blockchain ecosystem known for security, transparency, and a broad range of digital-asset products.
Responsibilities
Security Policies Management - Documenting and updating security policies to improve security posture and regulatory compliance.
Audit Evidence Inventory - Creation, maintenance, and optimization of the inventory to facilitate security project workflows.
Security Awareness Training Program - Develops content, distributes training, and facilitates sessions to raise the Company’s security awareness in collaboration with security and business teams.
Regulation Research - Collecting, organizing, and consolidating cybersecurity laws and regulations related to the digital asset industry.
Security Project Support - Participating in security projects to raise the maturity of the Company’s security.
Qualifications
Strong analytical skills with an achievement-focused mentality.
Students or Graduates from Cyber Security, Information Technology, Management Information Systems, or Computer Science are prioritized.
Business-level English and Chinese (Mandarin) preferred, both written and spoken.
Familiar with regulatory requirements such as EU GDPR, DORA, and other relevant data protection, cybersecurity, and operational resilience frameworks.
Experience with new technologies (e.g., blockchain, AI) is preferred.
Passion for cryptocurrency, digital assets, and Web3 is preferred.
Security or privacy qualifications (e.g., CISSP, CISM, CISA, CEH, SANS, CCSP, ISO 27001 Lead Auditor, IAPP CIPP/CIPM/CIPT) are a plus.
Why Binance
Shape the future with the world’s leading blockchain ecosystem
Collaborate with world-class talent in a user-centric global organization with a flat structure
Tackle unique, fast-paced projects with autonomy in an innovative environment
Thrive in a results-driven workplace with opportunities for career growth and continuous learning
Competitive salary and company benefits
Work-from-home arrangement (may vary by business team)
Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success.
By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice.
Senioriy level
Internship
Employment type
Full-time
Job function
Information Technology and Engineering
Industries: Technology, Information and Internet
#J-18808-Ljbffr

Job Objectives
The Security Governance Specialist role will support the Head of Security Governance in enhancing and maintaining the Security Governance within the Group Information Security(GIS) function in the Bank.
Key Responsibilities
This position will support senior Security Governance team members and work closely with various business, risk and technology stakeholders to:
Proactively assess the compliance exposure to current and emerging security-related regulatory requirements and plan & track remediation efforts.
Manage reverse third-party due diligence engagements related to GIS.
Manage audit, assurance and regulatory engagements related to GIS including ongoing knowledge management on queries and request for information.
Track and report against the technology KORI(Key Operational Risk Indicators)/KRIs and required security metrics.
Execution of the GIS KRCSA (Key Risk and Control Self Assessments).
Management policy, procedures and standards updates and control.
Manage various GIS initiatives and duties as assigned.
Key Requirements
Communicate effectively with a variety of internal and external teams and stakeholders.
Capable of managing a variety of priorities and deliverables with minimal guidance or supervision.
Ability to respond to any requests and issues on a timely basis.
Education
Diploma/Degree in engineering/Computer Science / IT/Cyber Security from a recognized education institution.
Professional Technology Risk Management/Cybersecurity related qualification will be favorable although not mandatory.
Knowledge of industry best practices.
Technical Skills
Overall experience 5+ years of experience.
2+ years of relevant experience in Security/IT governance disciplines.
Have a strong security risk and analytical mindset in approaching situations and interactions with stakeholders.
Effective negotiating skills and demonstrated sensitivity to working and interacting with stakeholders.
Good knowledge of Security concepts and practices.
Good knowledge of Security related guidelines and advisories from regulators.
Good with numbers for use in metrics.
Soft Skills
Good written and verbal communication skills and expertise in setting and managing stakeholder expectations.
Process aware mindset.
Strong analytical and problem-solving skills.
Effective time management and organizational skills.
Strong team player.
Able to work independently with minimal supervision.
High degree of attention to detail and discipline on tracking and managing the closure of identified gaps and issues.
Willing to learn quickly.
#J-18808-Ljbffr

Insider Threat Lead, Security Governance and Compliance
1 day ago Be among the first 25 applicants
Responsibilities
About the Team The Internal Threat Management team is responsible for managing and mitigating information security risks posed within the organisation. To ensure that the company's risk management and governance strategies are up to date and aligned across the organisation, this team is responsible for regular industry benchmarking and working with stakeholders from cross‐functional teams to perform regular risk assessments and align risk mitigation strategies. This team is also responsible for managing the optimization, operation, training, and data analysis of the internal threat platform and UEBA (User and Entity Behaviour Analytics) and DLP (Data Loss Prevention) platforms within the company.
Maintain a robust risk governance framework that supports internal threat management, ensuring it is aligned with the organisation’s overall risk management and compliance strategies.
Establish and manage processes for risk assessment, control testing, and risk mitigation related to internal threats, ensuring that these processes are effective and aligned with industry best practices.
Develop and define key risk metrics to assess the effectiveness of internal threat detection and mitigation strategies.
Continuously monitor and analyze internal threat data, identifying emerging trends, patterns, and areas of concern related to insider threats.
Develop and deliver regular risk reports for senior management, providing insights on the status and effectiveness of internal threat programs, key risk indicators, and threat trends.
Work closely with internal stakeholders to ensure that policies and procedures are properly followed and that risk management processes are integrated across departments.
Qualifications
Minimum Qualifications 1. Bachelor's degree or above, with a preference for majors in Information Security, Computer Science, Information Technology, privacy, risk or a related field. Professional certifications such as CISSP, CISM, CRISC, or CGEIT are highly desirable. 2. Minimum of 5 years of work experience, with at least 3 years of team management experience and a preference for experience in risk management and insider threat program. 3. Strong experience in data analysis and the ability to extract insights from complex risk data to identify patterns and trends. Expertise in developing dashboards and reports that clearly communicate complex risk data to senior management and non‐technical stakeholders. 4. Proficient in risk governance frameworks and best practices for internal threat management, including risk assessments, control testing, and compliance. 5. Solid understanding of insider threat risks, including data exfiltration, privilege abuse, policy violations, and insider fraud. 6. Strong communication skills, with the ability to translate complex risk‐related information into clear, actionable insights for diverse audiences.
Preferred Qualifications 1. Familiarity with regulatory requirements related to data protection and internal threat management (e.g., GDPR, CCPA, HIPAA). 2. Experience with designing, implementation and operation of commercial or in‐house UBA/UEBA solutions (e.g., Splunk, Exabeam) are highly desirable. 3. Experience with threat modeling methodologies (e.g., STRIDE, PASTA) to analyze and assess security threats within software applications, systems, and networks.
About Us
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Lemon8, CapCut and Pico as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect, consume, and create content.
Why Join ByteDance
Inspiring creativity is at the core of ByteDance's mission. Our innovative products are built to help people authentically express themselves, discover and connect – and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and enrich life - a mission we work towards every day. As ByteDancers, we strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our Company, and our users. When we create and grow together, the possibilities are limitless. Join us.
Diversity & Inclusion ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
#J-18808-Ljbffr

About Us
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Lemon8, CapCut and Pico as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.
Why Join ByteDance
Inspiring creativity is at the core of ByteDance's mission. Our innovative products are built to help people authentically express themselves, discover and connect – and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and enrich life - a mission we work towards every day.
As ByteDancers, we strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our Company, and our users. When we create and grow together, the possibilities are limitless. Join us.
Diversity & Inclusion
ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
About the Team
The team is responsible for managing and mitigating information security risks posed within the organisation. To ensure that the company's risk management and governance strategies are up to date and aligned across the organisation, this team is responsible for working with stakeholders from cross-functional teams to perform regular risk assessments, designing and implementing risk mitigation controls. This team is also responsible for managing the optimization, operation, training, and data analysis of the internal threat platform and UEBA (User and Entity Behavior Analytics) and DLP (Data Loss Prevention) platforms within the company.
Responsibilities
Develop and maintain the organization's insider risk security governance framework, including risk scenario mapping to controls, policies, procedures, and standards that align with industry best practices and regulatory requirements. Such framework must be sufficiently detailed to allow ease of execution with clarity in roles and responsibility amongst stakeholders.
Communicate the insider threat governance framework to key stakeholders and build effective collaboration models with stakeholders with clear roles and responsibilities, transparent tracking of metrics and seamless management reporting.
Conduct regular security risk assessments to identify risk trends, vulnerabilities and alert patterns, and work with relevant departments to develop mitigation and remediation strategies.
Monitor and report on the effectiveness of security controls and the status of security risks to senior management. Communicate risk assessment and trend analysis findings, risks and gaps to both technical and non-technical program stakeholders.
Coordinate with IT and business units to ensure insider threat security measures are integrated into technology projects and business processes.
Identify and garner the support of internal and external stakeholders to collaborate on driving change, including risk remediation and leading parties involved to meet risk remediation objectives.
Translate business and technology requirements into relevant insider threat rules for operational teams to implement
Stay abreast of the latest security trends, threats, and technologies to continuously improve the organization's insider threat security posture.
Conduct analysis of large complex datasets involving insider risks, track metrics and identify gaps and vulnerabilities
Understanding emerging insider risks to build and improve proactive threat detection.
Minimum Qualifications
Bachelor's degree or above, with a preference for majors in Information Security, Computer Science, Information Technology, privacy, risk or a related field. Professional certifications such as CISSP, CISM, CRISC, or CGEIT are highly desirable.
Minimum of 5 years of work experience, with a preference for experience in DLP (Data Loss Prevention), UEBA (User and Entity Behavior Analytics), or security platforms-related work.
Experience with security risk assessment methodologies and tools.
Skilled in creating and maintaining risk registers, developing risk treatment plans, and effectively communicating risk posture to stakeholders at all levels of the organization.
Self-driven and results-oriented, enjoys challenging tasks, demonstrates enthusiasm for work, and can handle job pressures.
Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels.
Proven ability to manage and prioritize multiple projects and tasks.
Preferred Qualifications
Hands on in-house experience with designing, implementation and operation of commercial or in-house UBA/UEBA solutions (e.g., Splunk, Exabeam) are highly desirable
Experience with threat modeling methodologies (e.g., STRIDE, PASTA) to analyze and assess security threats within software applications, systems, and networks.
#J-18808-Ljbffr

Location:
Singapore
Team:
Security
Employment Type:
Regular
Job Code:
A81144
Responsibilities
The team is responsible for managing and mitigating information security risks posed within the organisation. To ensure that the company's risk management and governance strategies are up to date and aligned across the organisation, this team is responsible for working with stakeholders from cross-functional teams to perform regular risk assessments, designing and implementing risk mitigation controls. This team is also responsible for managing the optimization, operation, training, and data analysis of the internal threat platform and UEBA (User and Entity Behavior Analytics) and DLP (Data Loss Prevention) platforms within the company.
About the Team
The team is responsible for managing and mitigating information security risks posed within the organisation. To ensure that the company's risk management and governance strategies are up to date and aligned across the organisation, this team is responsible for working with stakeholders from cross-functional teams to perform regular risk assessments, designing and implementing risk mitigation controls. This team is also responsible for managing the optimization, operation, training, and data analysis of the internal threat platform and UEBA (User and Entity Behavior Analytics) and DLP (Data Loss Prevention) platforms within the company.
Responsibilities
Develop and maintain the organization's insider risk security governance framework, including risk scenario mapping to controls, policies, procedures, and standards that align with industry best practices and regulatory requirements. Such framework must be sufficiently detailed to allow ease of execution with clarity in roles and responsibility amongst stakeholders.
Communicate the insider threat governance framework to key stakeholders and build effective collaboration models with stakeholders with clear roles and responsibilities, transparent tracking of metrics and seamless management reporting.
Conduct regular security risk assessments to identify risk trends, vulnerabilities and alert patterns, and work with relevant departments to develop mitigation and remediation strategies.
Monitor and report on the effectiveness of security controls and the status of security risks to senior management. Communicate risk assessment and trend analysis findings, risks and gaps to both technical and non-technical program stakeholders.
Coordinate with IT and business units to ensure insider threat security measures are integrated into technology projects and business processes.
Identify and garner the support of internal and external stakeholders to collaborate on driving change, including risk remediation and leading parties involved to meet risk remediation objectives.
Translate business and technology requirements into relevant insider threat rules for operational teams to implement
Stay abreast of the latest security trends, threats, and technologies to continuously improve the organization's insider threat security posture.
Conduct analysis of large complex datasets involving insider risks, track metrics and identify gaps and vulnerabilities
Understanding emerging insider risks to build and improve proactive threat detection.
Minimum Qualifications
Bachelor's degree or above, with a preference for majors in Information Security, Computer Science, Information Technology, privacy, risk or a related field. Professional certifications such as CISSP, CISM, CRISC, or CGEIT are highly desirable.
Minimum of 5 years of work experience, with a preference for experience in DLP (Data Loss Prevention), UEBA (User and Entity Behavior Analytics), or security platforms-related work.
Experience with security risk assessment methodologies and tools.
Skilled in creating and maintaining risk registers, developing risk treatment plans, and effectively communicating risk posture to stakeholders at all levels of the organization.
Self-driven and results-oriented, enjoys challenging tasks, demonstrates enthusiasm for work, and can handle job pressures.
Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels.
Proven ability to manage and prioritize multiple projects and tasks.
Preferred Qualifications
Hands on in-house experience with designing, implementation and operation of commercial or in-house UBA/UEBA solutions (e.g., Splunk, Exabeam) are highly desirable
Experience with threat modeling methodologies (e.g., STRIDE, PASTA) to analyze and assess security threats within software applications, systems, and networks.
Job Information
About Us
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Lemon8, CapCut and Pico as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.
Why Join ByteDance
Inspiring creativity is at the core of ByteDance's mission. Our innovative products are built to help people authentically express themselves, discover and connect – and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and enrich life - a mission we work towards every day.
As ByteDancers, we strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our Company, and our users. When we create and grow together, the possibilities are limitless. Join us.
Diversity & Inclusion
ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
#J-18808-Ljbffr

Insider Threat Lead, Security Governance and Compliance
Location:
Team:
Security
Employment Type:
Regular
Job Code:
A44530
Share this listing:
Overview
The Internal Threat Management team is responsible for managing and mitigating information security risks posed within the organisation. This team ensures that risk management and governance strategies are up to date and aligned across the organisation, performing regular risk assessments and working with stakeholders from cross-functional teams. The team also manages the optimization, operation, training, and data analysis of the internal threat platform and UEBA (User and Entity Behavior Analytics) and DLP (Data Loss Prevention) platforms within the company.
Responsibilities
Maintain a robust risk governance framework that supports internal threat management, ensuring it is aligned with the organization’s overall risk management and compliance strategies.
Establish and manage processes for risk assessment, control testing, and risk mitigation related to internal threats, ensuring that these processes are effective and aligned with industry best practices.
Develop and define key risk metrics to assess the effectiveness of internal threat detection and mitigation strategies.
Continuously monitor and analyze internal threat data, identifying emerging trends, patterns, and areas of concern related to insider threats.
Develop and deliver regular risk reports for senior management, providing insights on the status and effectiveness of internal threat programs, key risk indicators, and threat trends.
Work closely with internal stakeholders to ensure that policies and procedures are properly followed and that risk management processes are integrated across departments.
Qualifications
Minimum Qualifications
Bachelor's degree or above, with a preference for majors in Information Security, Computer Science, Information Technology, privacy, risk or a related field. Professional certifications such as CISSP, CISM, CRISC, or CGEIT are highly desirable.
Minimum of 5 years of work experience, with at least 3 years of team management experience and a preference for experience in risk management and insider threat program.
Strong experience in data analysis and the ability to extract insights from complex risk data to identify patterns and trends. Expertise in developing dashboards and reports that clearly communicate complex risk data to senior management and non-technical stakeholders.
Proficient in risk governance frameworks and best practices for internal threat management, including risk assessments, control testing, and compliance.
Solid understanding of insider threat risks, including data exfiltration, privilege abuse, policy violations, and insider fraud.
Strong communication skills, with the ability to translate complex risk-related information into clear, actionable insights for diverse audiences.
Preferred Qualifications
Familiarity with regulatory requirements related to data protection and internal threat management (e.g., GDPR, CCPA, HIPAA).
Experience with designing, implementation and operation of commercial or in-house UBA/UEBA solutions (e.g., Splunk, Exabeam) are highly desirable.
Experience with threat modeling methodologies (e.g., STRIDE, PASTA) to analyze and assess security threats within software applications, systems, and networks.
Job Information
About Us
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Lemon8, CapCut and Pico as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.
Why Join ByteDance
Inspiring creativity is at the core of ByteDance's mission. Our innovative products are built to help people authentically express themselves, discover and connect – and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and enrich life - a mission we work towards every day.
As ByteDancers, we strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our Company, and our users. When we create and grow together, the possibilities are limitless. Join us.
Diversity & Inclusion
ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
#J-18808-Ljbffr

Insider Risk Specialist, Security Governance and Compliance
Location:
Team:
Security
Employment Type:
Regular
Job Code:
A81144
Share this listing:
Responsibilities
About the TeamThe team is responsible for managing and mitigating information security risks posed within the organisation. To ensure that the company's risk management and governance strategies are up to date and aligned across the organisation, this team is responsible for working with stakeholders from cross-functional teams to perform regular risk assessments, designing and implementing risk mitigation controls. This team is also responsible for managing the optimization, operation, training, and data analysis of the internal threat platform and UEBA (User and Entity Behavior Analytics) and DLP (Data Loss Prevention) platforms within the company.Responsibilities- Develop and maintain the organization's insider risk security governance framework, including risk scenario mapping to controls, policies, procedures, and standards that align with industry best practices and regulatory requirements. Such framework must be sufficiently detailed to allow ease of execution with clarity in roles and responsibility amongst stakeholders.- Communicate the insider threat governance framework to key stakeholders and build effective collaboration models with stakeholders with clear roles and responsibilities, transparent tracking of metrics and seamless management reporting.- Conduct regular security risk assessments to identify risk trends, vulnerabilities and alert patterns, and work with relevant departments to develop mitigation and remediation strategies.- Monitor and report on the effectiveness of security controls and the status of security risks to senior management. Communicate risk assessment and trend analysis findings, risks and gaps to both technical and non-technical program stakeholders.- Coordinate with IT and business units to ensure insider threat security measures are integrated into technology projects and business processes.- Identify and garner the support of internal and external stakeholders to collaborate on driving change, including risk remediation and leading parties involved to meet risk remediation objectives.- Translate business and technology requirements into relevant insider threat rules for operational teams to implement- Stay abreast of the latest security trends, threats, and technologies to continuously improve the organization's insider threat security posture.- Conduct analysis of large complex datasets involving insider risks, track metrics and identify gaps and vulnerabilities- Understanding emerging insider risks to build and improve proactive threat detection.
Qualifications
Minimum Qualifications- Bachelor's degree or above, with a preference for majors in Information Security, Computer Science, Information Technology, privacy, risk or a related field. Professional certifications such as CISSP, CISM, CRISC, or CGEIT are highly desirable.- Minimum of 5 years of work experience, with a preference for experience in DLP (Data Loss Prevention), UEBA (User and Entity Behavior Analytics), or security platforms-related work.- Experience with security risk assessment methodologies and tools.- Skilled in creating and maintaining risk registers, developing risk treatment plans, and effectively communicating risk posture to stakeholders at all levels of the organization.- Self-driven and results-oriented, enjoys challenging tasks, demonstrates enthusiasm for work, and can handle job pressures.- Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels.- Proven ability to manage and prioritize multiple projects and tasks.Preferred Qualifications- Hands on in-house experience with designing, implementation and operation of commercial or in-house UBA/UEBA solutions (e.g., Splunk, Exabeam) are highly desirable- Experience with threat modeling methodologies (e.g., STRIDE, PASTA) to analyze and assess security threats within software applications, systems, and networks.
Job Information
About Us
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Lemon8, CapCut and Pico as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.
Why Join ByteDance
Inspiring creativity is at the core of ByteDance's mission. Our innovative products are built to help people authentically express themselves, discover and connect – and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and enrich life - a mission we work towards every day.
As ByteDancers, we strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our Company, and our users. When we create and grow together, the possibilities are limitless. Join us.
Diversity & Inclusion
ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
#J-18808-Ljbffr

Location: CBD, Singapore

Type: 1-year contract (with possible extension)

This is a leadership n Hands on role — you'll help set the strategy, make big decisions on security, and lead responses if anything goes wrong

You are tasked with keeping the company's IT systems and data secure.

This includes making sure there are strong security policies, protecting against cyber threats, and helping the company meet regulations.

You'll work closely with top management and teams across the company to manage risks and improve cybersecurity.

When need arises. you will need to hands on to solve the problems

.

Job scope:

Leadership

• Set and lead the company's overall IT security plan.
• Advise top leaders on cybersecurity matters.
• Create security rules and make sure everyone follows them.
• Help other departments understand and support security goals

Operations

• Manage the IT security budget carefully.
• Track performance — like system downtime, incident handling speed, and vendor performance.
• Make business cases to justify investments in security tools or projects.

Cybersecurity Incident Handling

• Keep improving systems to detect and prevent cyberattacks.(Leadership and Hands on)
• Monitor for threats and respond quickly if there's a breach.(Leadership and Hands on)

Compliance

• Identify and manage cybersecurity risks (including third-party/vendor risks).
• Ensure the company follows laws and industry standards (like MAS TRM, ISO 27001).
• Regularly check and report on security risks and how they're being handled.

Requirement

• A degree in Computer Science, IT with Certification :CISSP, CISM, CISA, CRISC, or CCSP.
• 5 years in IT Security n 3years in a leadership role like IT Security Manager or CISO.

Added advantage:

Finance or insurance domain.

Other Skills

• Strong knowledge of cybersecurity laws, risks, and standards.
• Ability to explain technical issues to non-technical people.
• Good leadership and teamwork skills.
• Experience with budgeting and running IT security projects.

What You'll Be Measured On:

• Annual cybersecurity strategy report
• Quarterly risk reports and dashboards
• Performance metrics (e.g: incident handling, cost efficiency)
• Budget usage and cost tracking
• Regular reviews of IT security performance and vendor quality

Work location :CBD

Whats on offer

(1) Attractive package

(2) Stable Management

(3) Dynamic work environment.

For better response, pls apply via job page

click job opening, click relevant position.

We regret that only shortlisted candidates will be notified.