527 Security Management jobs in Singapore

Vulnerability Management Team Lead Job Summary

This role is responsible for leading vulnerability management efforts across APAC, ensuring timely identification and resolution of security gaps. The successful candidate will have a strong background in vulnerability management and information security, with proficiency in vulnerability assessment tools and techniques.

Main Responsibilities

• Lead vulnerability management efforts across APAC, ensuring timely identification and resolution of security gaps.
• Manage a team responsible for scanning, assessing, and tracking vulnerabilities in the APAC region.
• Identify and analyze the root causes of remediation delays or failures, reporting findings to management and risk committees.
• Collaborate with cross-functional teams to ensure compliance with security protocols and industry standards.
• Monitor and report on the status of vulnerabilities and mitigation efforts to key stakeholders.
• Provide expert guidance on vulnerability management tools and processes.
• Coordinate the response to security incidents, ensuring minimal business disruption.
• Define and document processes, workflows, and operation procedures to ensure consistent execution of vulnerability management life cycles.

Requirements

A strong background in vulnerability management and information security is required. Proficiency in vulnerability assessment tools and techniques is also essential. Experience in managing security incidents and implementing mitigation strategies is necessary. Familiarity with SIEM/SOAR platforms and scripting languages such as PowerShell and Python is preferred. A strong understanding of CVSS scoring, threat modeling, and risk prioritization is also required. Experience with vulnerability scanning tools is an advantage.

What We Offer

• The opportunity to work in a leading technology company.
• The chance to lead a critical function within a diverse and innovative environment.
• Exposure to cutting-edge tools and methodologies in vulnerability management.

AMC Founded in 2006, licensed by the Singapore Police Force, Police Licensing and Regulatory Department. offers custom security solutions suited to your demands. We work towards meeting the unique needs of every client, be it an enhancement to your current security set up or a complete overhaul that includes:

• Virtual patrolling
• Facial recognition access control
• Remote vehicular access control
• License plate recognition technology
• Visitor Management System

Job Summary:

We are looking for an experienced Senior SQL Server Database Administrator to join our Security Management System (SMS) project team. The role requires deep knowledge of Microsoft SQL Server in environments where data security, user access control, compliance, and audit integrity are critical. The ideal candidate will play a key role in managing and securing the back-end database infrastructure that supports identity management, access control, audit logging, encryption, and compliance reporting systems.

Key Responsibilities:

• Install, configure, and maintain SQL Server instances (2008–2022) supporting security management applications.
• Ensure system uptime, performance, and reliability for mission-critical security systems.
• Implement and manage Transparent Data Encryption (TDE), row-level security, and auditing features.
• Work with CyberArk, Active Directory, and internal IAM teams to manage secure authentication and credential storage.
• Ensure GDPR, ISO 27001, and other compliance standards are supported through secure database design and audit logging.
• Configure secure user roles, logins, and permissions.
• Design and implement high availability (HA) and disaster recovery (DR) solutions using Always On, Log Shipping, Replication, Mirroring, and Cluste
• Schedule and manage backups (Full, Differential, Transaction Log) using LiteSpeed or native tools.
• Implement and manage security measures, user access control, encryption (TDE), and secure configurations using tools like CyberArk
• Perform database migrations and upgrades across environments (e.g., SQL 2012/2014/2016 to SQL 2019/2022).
• Design access controls based on least-privilege and need-to-know principles.
• Manage integration with centralized identity providers (e.g., LDAP, AD).
• Implement and monitor encrypted backups and automated restoration processes.
• Regularly test recovery strategies for resilience against data loss and cyber incidents.
• Deploy Always On Availability Groups, clustering, and log shipping to support zero-downtime requirements in critical security environments.
• Monitor and tune SQL queries and indexing strategies to ensure responsiveness of SMS dashboards, audit reports, and incident logs.
• Work with application security developers to ensure data is retrieved efficiently and securely.
• Set up real-time monitoring for intrusion detection anomalies at the database layer.
• Use tools such as Zabbix, SolarWinds, and Foglight for performance and event tracking.
• Ensure all changes to the security system's database architecture follow strict change control processes.
• Maintain detailed documentation of all configurations, procedures, and compliance audits.

Required Qualifications:

• Bachelor's or Master's in Information Technology, Computer Science, or related field.
• Minimum of 10 years of hands-on experience managing SQL Server databases in secure environments.
• Deep expertise in SQL Server 2008–2022, including Always On, Clustering, TDE, and Auditing.
• Demonstrated experience working on security-critical platforms such as Identity Management, SIEM, or Audit Logging Systems.
• Familiar with TLS encryption, certificate management, security patching, and SQL security features.
• Experience integrating databases with CyberArk, ServiceNow, or other ITSM/security tools.
• Knowledge of Oracle 11g or other secondary RDBMS platforms is a plus.
• Working knowledge of SSIS and SSRS.
• Familiarity with database tools: LiteSpeed, Foglight, Zabbix, SolarWinds.
• Experience supporting compliance audits (e.g., SOC2, PCI-DSS, HIPAA).
• Microsoft certifications related to data security or cloud security (e.g., MS Azure Database Security).
• Experience working on or integrating with Physical Security Systems, Access Control Systems, or IAM platforms.

AMC Founded in 2006, licensed by the Singapore Police Force, Police Licensing and Regulatory Department. offers custom security solutions suited to your demands. We work towards meeting the unique needs of every client, be it an enhancement to your current security set up or a complete overhaul that includes:

• Virtual patrolling
• Facial recognition access control
• Remote vehicular access control
• License plate recognition technology
• Visitor Management System

Job Summary:

We are looking for an experienced Senior SQL Server Database Administrator to join our Security Management System (SMS) project team. The role requires deep knowledge of Microsoft SQL Server in environments where data security, user access control, compliance, and audit integrity are critical. The ideal candidate will play a key role in managing and securing the back-end database infrastructure that supports identity management, access control, audit logging, encryption, and compliance reporting systems.

Key Responsibilities:

• Install, configure, and maintain SQL Server instances (2008–2022) supporting security management applications.
• Ensure system uptime, performance, and reliability for mission-critical security systems.
• Implement and manage Transparent Data Encryption (TDE), row-level security, and auditing features.
• Work with CyberArk, Active Directory, and internal IAM teams to manage secure authentication and credential storage.
• Ensure GDPR, ISO 27001, and other compliance standards are supported through secure database design and audit logging.
• Configure secure user roles, logins, and permissions.
• Design and implement high availability (HA) and disaster recovery (DR) solutions using Always On, Log Shipping, Replication, Mirroring, and Cluste
• Schedule and manage backups (Full, Differential, Transaction Log) using LiteSpeed or native tools.
• Implement and manage security measures, user access control, encryption (TDE), and secure configurations using tools like CyberArk
• Perform database migrations and upgrades across environments (e.g., SQL 2012/2014/2016 to SQL 2019/2022).
• Design access controls based on least-privilege and need-to-know principles.
• Manage integration with centralized identity providers (e.g., LDAP, AD).
• Implement and monitor encrypted backups and automated restoration processes.
• Regularly test recovery strategies for resilience against data loss and cyber incidents.
• Deploy Always On Availability Groups, clustering, and log shipping to support zero-downtime requirements in critical security environments.
• Monitor and tune SQL queries and indexing strategies to ensure responsiveness of SMS dashboards, audit reports, and incident logs.
• Work with application security developers to ensure data is retrieved efficiently and securely.
• Set up real-time monitoring for intrusion detection anomalies at the database layer.
• Use tools such as Zabbix, SolarWinds, and Foglight for performance and event tracking.
• Ensure all changes to the security system's database architecture follow strict change control processes.
• Maintain detailed documentation of all configurations, procedures, and compliance audits.

Required Qualifications:

• Bachelor's or Master's in Information Technology, Computer Science, or related field.
• Minimum of 10 years of hands-on experience managing SQL Server databases in secure environments.
• Deep expertise in SQL Server 2008–2022, including Always On, Clustering, TDE, and Auditing.
• Demonstrated experience working on security-critical platforms such as Identity Management, SIEM, or Audit Logging Systems.
• Familiar with TLS encryption, certificate management, security patching, and SQL security features.
• Experience integrating databases with CyberArk, ServiceNow, or other ITSM/security tools.
• Knowledge of Oracle 11g or other secondary RDBMS platforms is a plus.
• Working knowledge of SSIS and SSRS.
• Familiarity with database tools: LiteSpeed, Foglight, Zabbix, SolarWinds.
• Experience supporting compliance audits (e.g., SOC2, PCI-DSS, HIPAA).
• Microsoft certifications related to data security or cloud security (e.g., MS Azure Database Security).
• Experience working on or integrating with Physical Security Systems, Access Control Systems, or IAM platforms.

Job Description:

">
• The successful candidate will be responsible for providing support to update, review, and refresh Cyber Security frameworks, policies, standards, and guidelines.
">
• This includes cultivating a healthy Cyber Security risk culture and working closely with Technology partners to shape a proactive and anticipatory risk culture.
">
• Cyber Security assessments will be conducted to ensure the effectiveness of Cyber Security related controls.
">
• The candidate must also track, monitor, and validate all Cyber Security risk remediation timely.
">
• A key responsibility will be to prepare and present the Cyber Security risk report to all relevant committees.
">
• Active participation in all Cyber Security incident matters is expected.
">
• Staying up-to-date with the latest Cyber Security developments is crucial.
">

Requirements:

">
• A degree in Computer Science, Engineering, Information System, or any relevant academic stream is required.
">
• At least 2 years of experience in Cyber Security is necessary.
">
• Good understanding of MAS Technology Risk and Cyber Security requirements is essential.
">
• Familiarity with industry security standards such as NIST, COBIT, and ISO 27001 is required.
">
• Excellent communication and presentation skills are necessary.
">

At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

If you believe in developing a better tomorrow, read on.

About The Role

This position is responsible for overseeing the Third-Party Security Risk Management domain, providing consultation, professional advice on information security and key technology risk matters relating to the mentioned geographical responsibilities, thereby adding value to building a strong information security risk culture centered on people, processes and technology. The role will require good understanding of security requirements in the financial industry, technology risk management methodology and the ability to work cohesively with internal and external stakeholders to maintain the highest standard of security.

What You’ll Be Doing

Third-Party Security Risk Management

• Manage the process of assessing and evaluating the security postures of third- party vendors and partners. The includes monitoring of third-party security assessment renewal, assigning the renewal reviews within the team and working closely with outsourced assessors on the status of Third-Party Security Assessments (TPSAs).
• Perform due diligence and risk assessments on third party vendors, ensure their compliance to regulatory requirements as well as Group and Local policy and standards.
• Third Party Uplift Initiatives to improve the customer experiences.
• Client Security Agreement – review clients’ contracts clauses to ensure alignment with company’s security policies and practices.
• Audit and Regulatory Management - support and responding to audit queries and to be involved in control assessment related to Risk Management.
• May be assigned to drive or support other initiative like security assessment services.
  
  

• The role may be called upon to lead or be involved in ensuring governance of specialized areas under information security, such as cloud security, application security, etc.
• Work closely with stakeholders including Technology risk management, Risk and Compliance, Legal, Business as well as other departments within Technology.
  
  

• University degree in one of the following or related disciplines (Computer Science, Computer Engineering, Information Systems, Cyber Security)
• Preferably a holder of one or more of the following information security and audit qualifications: CISSP, CISA, CRISC, CCSP
• At least 8-12 years of IT experience, audit, risk management roles, with good expertise and knowledge of governance reporting of technology risk issues and cyber security
• Rich working experience from financial industry is preferred
• Experience and exposure in MAS TRMG and relevant notices, information security standards and audits such as ISO27001, NIST standard, SOC2 and OSPAR will be an advantage
• Strong knowledge of KRIs and metrics development for security and risk management reporting
• Project Management experience is an advantage
• Good Communication, Coordination and Interpersonal Skills
• Mature-thinking, meticulous, strong problem-solving and analytical traits
• High drive, energy and good attitude over teamwork
• Ability to work independently, with high levels of professional integrity
• Eagerness to learn and develop one’s knowledge in information security and risk management
  
  
  

ABOUT AIA

For over a century, AIA has served the ever-changing needs of our customers across Asia-Pacific. Our Purpose to help millions of people live Healthier, Longer, Better Lives is at the heart of everything we do.

As pioneering innovators, we’re now transforming AIA to be faster, simpler and more connected to create better solutions and impactful experiences for our customers and communities. AIA encourages and enables our people to act with clarity, courage and humanity in service of our Purpose.

JOIN US

At AIA, we believe in empowering every one of our people to find their 'better' - in the work they do, the career they build, the life they live and the difference they make. Whether it’s investing better wellbeing, inspiring better learning, building better relationships, or making a better impact on customers, a career at AIA will challenge you to find new ways to pursue your ‘better’.

AIA is committed to building a vibrant, diverse, and inclusive workforce for all employees to thrive in. Join us if you believe in creating a better tomorrow!

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Finance and Sales
• Industries Insurance

Referrals increase your chances of interviewing at AIA Singapore by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Jurong, Singapore

Marine Industry

• Perform periodic cybersecurity vulnerability assessments and collaborate with Group IT, SOC or Project teams for remediation.
• Implement system hardening and conduct regular security compliance checks.
• Provide cybersecurity awareness training and advisory services to the business unit including security messages, eLearning or webinars.
• Respond to cybersecurity incidents and work with internal teams for investigation and remediation.
• Review and update project security devices and company policies to ensure security compliance eg. Firewall, Intrusion Protection System, Web Proxy, Web Application Firewall (WAF), Network Access Control (NAC), Antivirus, Data Loss Prevention (DLP)
• Support audits and review cybersecurity-related clauses in project contracts.
• Audit existing projects on security compliance against relevant policies such as company and Authority's policies or industry standards eg. CIS benchmark level
• Assist to conduct security scans for Indicators of Compromise (IOC), vulnerability assessment of the Computing Environment or potential security threats as directed by the Authority or CISO.
• Assist in resolving project security gaps which are needed by project teams to enhance their security posture or audit compliance.

• Bachelor's degree in Computer Science, Information Systems, or related field.
• Proficient in various cybersecurity technologies and protocols to identify, prevent, and mitigate threats.
• Strong understanding of risk management and incident response procedures.
• Good understanding of compliance requirements for data privacy and protection in the relevant industry.
• Good knowledge of regional and global cybersecurity frameworks, such as NIST, ISO 27001, SOC 2, and CIS Controls.
• Flexibility in working hours including willingness to start work early.

Cybersecurity Expertise Specialist

The Cybersecurity Expertise Specialist plays a vital role in evaluating the organization's cybersecurity posture by simulating real-world attacks and identifying vulnerabilities across systems, applications, and networks. This position directly supports audit objectives by validating the effectiveness of security controls, ensuring regulatory compliance, and mitigating operational risks.

This expert will work closely with internal teams to track remediation efforts and verify closure. The ideal candidate should possess extensive knowledge of information security and have hands-on experience in penetration testing, secure code review, and Kali Linux tools.

Main Responsibilities

• Conduct comprehensive penetration tests on applications, databases, systems, and networks to identify security vulnerabilities.
• Prepare detailed reports on findings and propose measures to address identified vulnerabilities.
• Collaborate with IT, risk, and compliance teams to track remediation efforts and verify closure.
• Solve complex problems using critical thinking skills and creativity.

Key Qualifications

• At least 5 years of hands-on penetration testing experience for web applications, mobile applications, APIs, networks, databases, and load testing.
• Extensive knowledge of information security and familiarity with systems and operational architecture of large internet companies or online business models.
• Degree in computer science/computer engineering/information security or equivalent.
• Familiarity with systems and operational architecture of large internet companies or online business models.

At AIA we've started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we're now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

If you believe in developing a better tomorrow, read on.

About the Role

This position is responsible for overseeing the Third-Party Security Risk Management domain, providing consultation, professional advice on information security and key technology risk matters relating to the mentioned geographical responsibilities, thereby adding value to building a strong information security risk culture centered on people, processes and technology. The role will require good understanding of security requirements in the financial industry, technology risk management methodology and the ability to work cohesively with internal and external stakeholders to maintain the highest standard of security.

WHAT YOU'LL BE DOING
Third-Party Security Risk Management

• Manage the process of assessing and evaluating the security postures of third- party vendors and partners. The includes monitoring of third-party security assessment renewal, assigning the renewal reviews within the team and working closely with outsourced assessors on the status of Third-Party Security Assessments (TPSAs).
  
• Perform due diligence and risk assessments on third party vendors, ensure their compliance to regulatory requirements as well as Group and Local policy and standards.
  
• Third Party Uplift Initiatives to improve the customer experiences.
  
• Client Security Agreement - review clients' contracts clauses to ensure alignment with company's security policies and practices.
  
• Audit and Regulatory Management - support and responding to audit queries and to be involved in control assessment related to Risk Management.
  
• May be assigned to drive or support other initiative like security assessment services.
  

• The role may be called upon to lead or be involved in ensuring governance of specialized areas under information security, such as cloud security, application security, etc.
  
• Work closely with stakeholders including Technology risk management, Risk and Compliance, Legal, Business as well as other departments within Technology.
  

• University degree in one of the following or related disciplines (Computer Science, Computer Engineering, Information Systems, Cyber Security)
  
• P referably a holder of one or more of the following information security and audit qualifications: CISSP, CISA, CRISC, CCSP
  
• At least 8-12 years of IT experience, audit, risk management roles, with good expertise and knowledge of governance reporting of technology risk issues and cyber security
  
• Rich working experience from financial industry is preferred
  
• Experience and exposure in MAS TRMG and relevant notices, information security standards and audits such as ISO27001, NIST standard, SOC2 and OSPAR will be an advantage
  
• Strong knowledge of KRIs and metrics development for security and risk management reporting
  
• Project Management experience is an advantage
  
• Good Communication, Coordination and Interpersonal Skills
  
• Mature-thinking, meticulous, strong problem-solving and analytical traits
  
• High drive, energy and good attitude over teamwork
  
• Ability to work independently, with high levels of professional integrity
  
• Eagerness to learn and develop one's knowledge in information security and risk management
  

We would like to remind you that eFinancialCareers is a job board and does not conduct hiring or ask for payment or any financial details as part of the job application process.

If you receive any suspicious messages claiming to be from us or a hiring company, we urge you not to click on any links and not to reply to the message itself.

Instead, please report the message to our support team at .

It is advisable to always verify job offers directly with the hiring company.

AIA Group Limited and its subsidiaries (collectively “AIA” or the “Group”) comprise the largest independent publicly listed pan-Asian life insurance g.

More Jobs From AIA Singapore Private Limited

Boost your career Find thousands of job opportunities by signing up to eFinancialCareers today.

About This Role

We are seeking an Information Security Specialist to join our team. The successful candidate will be responsible for assisting with the day-to-day operations of securing our information systems.