218 Security Strategy jobs in Singapore

Overview
Senior Executive (Security Planning & Development) - 1-Year Contract
at
JTC Corporation .
What The Role Is
As part of its efforts to meet desired security outcomes, the Jurong Island Planning and Development Team has embarked on implementing various projects at Jurong Island and its Check Point. These projects' key features integrate people, processes, and technology to drive security outcomes and increase productivity.
What You Will Be Working On
The team is seeking a dynamic individual to join the team in implementing and operationalising these projects. You will have the opportunity to participate in and experience procurement processes, including supporting tender specifications, evaluation, and award. Additionally, you will assist the Project Manager in coordinating and managing assigned projects. Throughout the project implementation, you will have opportunities to engage with external entities such as vendors and state agencies.
What We Are Looking For
Are you dynamic, resourceful, and willing to be part of an exceptional team? Do you have a desire to learn, engage, and go the extra mile? If you're looking for a challenging role and are keen to develop a passion for your work, we encourage you to submit your CV.
Prior experience in related areas such as security, project management, or procurement and contract management would be highly valued. Experience in state agency deployments or implementation of security technologies would be an added advantage. However, if you lack experience in these areas, we still welcome your application. With a positive attitude and willingness to learn, anything is possible.
Prior experience in security, project management, or procurement and contract management is valued
Experience in state agency deployments or implementation of security technologies is an added advantage
Positive attitude and willingness to learn
#J-18808-Ljbffr

Location: CBD, Singapore

Type: 1-year contract (with possible extension)

This is a leadership n Hands on role — you'll help set the strategy, make big decisions on security, and lead responses if anything goes wrong

You are tasked with keeping the company's IT systems and data secure.

This includes making sure there are strong security policies, protecting against cyber threats, and helping the company meet regulations.

You'll work closely with top management and teams across the company to manage risks and improve cybersecurity.

When need arises. you will need to hands on to solve the problems

.

Job scope:

Leadership

• Set and lead the company's overall IT security plan.
• Advise top leaders on cybersecurity matters.
• Create security rules and make sure everyone follows them.
• Help other departments understand and support security goals

Operations

• Manage the IT security budget carefully.
• Track performance — like system downtime, incident handling speed, and vendor performance.
• Make business cases to justify investments in security tools or projects.

Cybersecurity Incident Handling

• Keep improving systems to detect and prevent cyberattacks.(Leadership and Hands on)
• Monitor for threats and respond quickly if there's a breach.(Leadership and Hands on)

Compliance

• Identify and manage cybersecurity risks (including third-party/vendor risks).
• Ensure the company follows laws and industry standards (like MAS TRM, ISO 27001).
• Regularly check and report on security risks and how they're being handled.

Requirement

• A degree in Computer Science, IT with Certification :CISSP, CISM, CISA, CRISC, or CCSP.
• 5 years in IT Security n 3years in a leadership role like IT Security Manager or CISO.

Added advantage:

Finance or insurance domain.

Other Skills

• Strong knowledge of cybersecurity laws, risks, and standards.
• Ability to explain technical issues to non-technical people.
• Good leadership and teamwork skills.
• Experience with budgeting and running IT security projects.

What You'll Be Measured On:

• Annual cybersecurity strategy report
• Quarterly risk reports and dashboards
• Performance metrics (e.g: incident handling, cost efficiency)
• Budget usage and cost tracking
• Regular reviews of IT security performance and vendor quality

Work location :CBD

Whats on offer

(1) Attractive package

(2) Stable Management

(3) Dynamic work environment.

For better response, pls apply via job page

click job opening, click relevant position.

We regret that only shortlisted candidates will be notified.

Carry out the end-to-end security management for enterprise of application security, host security, data security, network security, including but not limited to security policy management and system maintenance.
Responsible for the Governance, Risk and Compliance technical implementation of personal information protection requirements.
Project management, plan and coordinate security tools implementation throughout the overseas region. Providing periodic reporting of progress and issues.
Conduct and perform periodic security awareness training and phishing campaigns.
Responsible for the break-down and implementation of the development work in the baseline specification and technical architecture.
The ideal candidates we are looking for should be seasoned Information Security Professionals with:
KEY REQUIREMENTS
Bachelor’s degree or above in Computer Science.
At least 3 years working experience in network or information security related fields.
Familiar with ISO27001, ITIL related technical standards and control measures.
Familiar with common information security products and technical principles, e.g. system and network security, DLP, antivirus, encryption, SIEM, Zero Trust etc.
Security certification such as CISSP, CISA, CCNP, CCIE is preferred.
#J-18808-Ljbffr

**Line of Service**Internal Firm Services**Industry/Sector**Not Applicable**Specialism**IFS - Risk & Quality (R&Q)**Management Level**Associate**Job Description & Summary**At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at
If you love the business side of information security this is the place to be. Within the CISO pillar we work closely with member firm stakeholders to understand their business model and roadmap for technology.
In turn the CISO pillar outlines the roadmap for NIS and drives engagement and adoption of central security services in line with the PwC Cyber Readiness program.
Our mission is to identify, control, and reduce the attack surface across the network of member firms while increasing our adversaries’ cost of attack.
Network Information Security team is redefining cyber security on a global scale at PwC. Our mission protects 223,000 PwC members across 157 member firms worldwide, as well as our global clients.
If you are seeking an exciting career with the scope to grow your information and cyber security skills, then NIS will empower you to do so.**Roles & Responsibilities**:**Project Support:*** Assist in the planning, execution, and monitoring of projects.* Utilise strong critical thinking and problem solving skills day to day* Collaborate with team members to ensure project deliverables are met on time and within scope.* Prepare and maintain project documentation, including reports, presentations, and meeting minutes.* Quickly adapt to changing priorities and project requirements.* Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment.* Proactively identify and address potential issues or roadblocks to ensure smooth project execution.* Work with other NIS teams both locally, regionally and globally to deliver the security needs specific to the firm.**Compliance and Vulnerability Management:*** Support work in vulnerability management and compliance activities* Handles BAU activities such as managing security exceptions* Help the business comply with the Information Security Policy by leveraging your cyber security knowledge and expertise.* Collaborate with PwC IT and global team to align security process and tools.**Application Security:*** Guide and support the business team to complete all required security reviews* Build knowledge on application security to effectively support security assessments* Align with different global and local teams to identify and fix gaps or risk found.**Other*** Help with daily security incident handling* Help to manage junior staff, eg. internsAn effective CISO pillar candidate will also possess the following **skills/ Requirements*** Able to work in a fast-paced environment, can upskill quickly and learn proactively* Analytical: Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.* Technical: Broad understanding of security technology.* Business: High level understanding of PwC’s business model, service offerings, and business operating environment as it pertains to the firm’s threat landscape. Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.* Individuals selected for this role are expected to have both extensive knowledge and managerial know-how related to the following aspects: Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment* Understanding of technical and non-technical information security risks.* Have skills to analyse data and visualise data (good to have knowledge of Excel, PowerPoint etc.)* Good written and effective communicator to deal with various stakeholders* Meticulous and possesses an eye for details* Proactive, keen to learn, enjoys solving challenging problems, thinking outside of the box* Diligent and open to feedback* Experience in a role balanced between business stakeholders and a central service organization.* Possess knowledge about application security to effectively support security assessments* Time and Task Management: Ability to prioritise risk, manage a variety of take, take ownership to drive completion of activities and deliver on time**Education and Experience**:* Interest in Information Security* Bachelor’s or master’s degree (technical degree) or equivalent Industry certification**Candidate Specifications:***Desired Certifications:** (Certifications aren’t a prerequisite however are well regarded)**Education Level:** Undergraduate Degree (e.g. BIT, BSc) STEM or equivalent work experience: 2 - 4 years’ of progressive professional roles involving information security, computer science and/or other technical background**Education** *(if blank, degree and/or field of study not specified)*Degrees/Field of Study required:Degrees/Field of Study preferred:**Certifications** *(if blank, certifications not specified)***Required Skills**Application Security, Application Security Assessment, Application Security Assessments, Application Security Reviews, Application Security Testing, Cybersecurity Controls, Cyber Security Standards, Security Vulnerability Assessments, Threat and Vulnerability Assessment, Vulnerability Assessments, Web Application Security, Web Application Security Testing**Optional Skills**Accepting Feedback, Accepting Feedback, Active Listening, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure, Operating Model, Optimism, Privacy and Security {+ 6 more}**Desired Languages** *(If blank, desired languages not specified)***Travel Requirements**0%NoNo**Job Posting End Date**
#J-18808-Ljbffr

Perform IT security operations involving activities such as security
log reviews, vulnerability assessments, security access review and
security configuration review to ensure compliance based on customers'
requirements. Critical Key Functions and Key Tasks Perform
Vulnerability Assessment Scanning

* Work with the internal project
team and customers to establish the in-scope inventories.

* Prepare the environment and complete the pre-scan activities.

* Conduct vulnerability assessment scanning using the designated tool.

* Review
the scan results, process the results, and issue the scan reports to
stakeholders. * Follow up with the internal teams on the remediation.
* Published the remediation status IT Security Incident Management

* Involved in IT Security Incident Response Team (SIRT)

* Work with internal teams to resolve the reported security incidents

* Provide periodic status updates to IT Security Manager IT Security Alerts &
Advisory

* Tracking of IT security alerts and advisory issued by SOC and threat intelligence authorities. * Inform the appropriate stakeholders on the alert notifications

* Track the progress of remediations by the respective teams to ensure proper closure

* Conduct Security Log reviews

* Perform review of security logs in accordance to the agreed frequency.

* Investigate and clarify any anomaly with the respective towers.

* Escalate potential security incidents to project team and customers for attention.

* Prepare periodic log review reports. Security Advisory and Briefing

* Be the point-of-contact/customer liaison to assist and advise customer for ICT security related matters

* Conduct in Weekly / Monthly meeting with Customers on security related matters.

* Prepare the content and material relevant to the projects

* Conduct information security awareness training Support Audit & Compliance

* Act as the liaison officer for the IT security reviews and audits

* Collate and review information requested by auditors from respective teams.

* Support the auditors during audit period.

* Work with the team to review and respond to audit issues.

* Work with the team to remediate audit findings.

* Monitor and track the closure of audit findings.

* Other Ad-hoc activities instructed by manager.

AVP, Group Information Security & Digital Risk Management
Get AI-powered advice on this job and more exclusive features.
Who We Are
As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. We understand people and provide support, services, solutions, and career paths that meet individual needs. Today, we’re on a journey of transformation, leveraging technology and creativity to become a future-ready learning organisation with the strategic ambition to be Asia’s leading financial services partner for a sustainable future. Build the bank of the future, innovate the way we deliver financial services, and enjoy a vibrant, future-ready career.
Your Opportunity Starts Here
Why Join
Protecting our customers' assets and information is at the heart of what we do at OCBC. As an Information Security and Digital Risk Management Specialist, you'll play a critical role in safeguarding our digital landscape and ensuring the integrity of our systems. You'll be part of a team that stays ahead of emerging threats and risks.
How You Succeed
As the AVP of Information Security and Digital Risk Management (ISDRM), you will be responsible for the 2nd line governance and oversight of information security and digital risks (technology, information, and cyber) within the OCBC Group. The primary role would be the ISDRM lead to support the Bank of Singapore (BOS) entity and its subsidiaries as well as group-wide responsibilities on thematic and risk assurance reviews.
What You Do
Drive or support risk governance and oversight activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.
Plan and conduct 2nd line thematic reviews and risk assurance reviews in emerging risks arising from technology, information and cyber domains.
Perform regular risk monitoring and management reporting on risk posture to management and Board of Directors.
Drive or support the formulation and regular update of related Framework and supporting Policies to incorporate applicable industry leading practices and regulatory expectations.
Drive or support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.
Provide risk advisory service, including recommendation of risk mitigation options, on technology, information and cyber risks associated with new banking services, fintech initiatives, outsourcing-related arrangements, regulatory and legal guidelines.
Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).
Keep abreast of new technologies and related risks, industry trends, and regulatory requirements relating to technology, information & cyber security.
Who You Are
Degree in Computer Science or equivalent technical degree.
Relevant professional certifications (e.g., CISA, CISM or CRISC) would be advantageous.
More than 7 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.
Proficient in risk management, IT governance, information & cyber security standards.
Experienced in leading risk assessments and risk assurance testing.
Good knowledge and experience in managing legal and regulatory requirements pertaining to technology, information or cyber risk domains (e.g., Singapore, Malaysia, Hong Kong, China).
Good written and communication skills, as well as solution oriented.
Ability to interact, engage and influence with stakeholders across all levels.
Ability to contribute through others, collaborate well across seniority, cultures and locations.
Proactive and able to work well under pressure or tight deadlines.
What We Offer
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
Seniority level
Executive
Employment type
Full-time
Job function
Information Technology
Industries
Banking
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr

You are about to enter websites controlled or offered by third parties. OCBC hereby disclaims liability for any information, materials, products or services posted or offered at any of these third party web-sites. By creating a link to these third party web-sites, OCBC does not endorse or recommend any products or services offered or information contained on those web-sites or information fed by these third parties nor is OCBC liable for any failure of products or services offered or advertised at any of these third party web-sites. OCBC Group shall in no event be liable for any damages, loss or expense including without limitation, direct, indirect, special, or consequential damage, or economic loss arising from or in connection with any use of or access to any other website linked to this website, any system, server or connection failure, error, omission, interruption, delay in transmission, or computer virus and any services, products, information, data, software or other material obtained from this website or from any other website linked to this website. Any hyperlinks to any other websites are not an endorsement or verification of such websites and such websites should only be accessed at the user’s own risks. This exclusion clause shall take effect to the fullest extent permitted by law.
You further consent to Oversea-Chinese Banking Corporation Limited, its related corporations (collectively, the "OCBC Group"), and their respective business partners and agents (collectively, the “OCBC Representatives”) collecting, using and disclosing your personal data for purposes reasonably required by the OCBC Group and the OCBC Representatives to enable them to process your employment application and assess your suitability for the position which you are applying for. Such purposes are set out in a Data Protection Policy, which is accessible at or available on request and which you confirm you have read and understood.
AVP, Group Information Security & Digital Risk Management page is loaded
AVP, Group Information Security & Digital Risk Management Apply remote type Hybrid locations OCBC Singapore time type Full time posted on Posted Yesterday job requisition id JR
WHO WE ARE:
As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.
Your Opportunity Starts Here.
Why Join
Protecting our customers' assets and information is at the heart of what we do at OCBC. As an Information Security and Digital Risk Management Specialist, you'll play a critical role in safeguarding our digital landscape and ensuring the integrity of our systems. You'll be part of a team that's passionate about staying ahead of emerging threats and risks.
How you succeed
As the Assistant VP of Information Security and Digital Risk Management (ISDRM), you will be responsible for the 2nd line governance and oversight of information security and digital risks (technology, information, and cyber) within the OCBC Group. The primary role would be the ISDRM lead to support the Bank of Singapore (BOS) entity and its subsidiaries as well as group-wide responsibilities on thematic and risk assurance reviews.
What you do
Drive or support risk governance and oversight activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.
Plan and conduct 2nd line thematic reviews and risk assurance reviews in emerging risks arising from technology, information and cyber domains.
Perform regular risk monitoring and management reporting on risk posture to management and Board of Directors.
Drive or support the formulation and regular update of related Framework and supporting Policies to incorporate applicable industry leading practices and regulatory expectations.
Drive or support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.
Provide risk advisory service, including recommendation of risk mitigation options, on technology, information and cyber risks associated with new banking services, fintech initiatives, outsourcing-related arrangements, regulatory and legal guidelines.
Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).
Keep abreast of new technologies and related risks, industry trends, and regulatory requirements relating to technology, information & cyber security.
Who you are
Degree in Computer Science or equivalent technical degree.
Relevant professional certifications (e.g., CISA, CISM or CRISC) would be advantageous.
More than 7 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.
Proficient in risk management, IT governance, information & cyber security standards.
Experienced in leading risk assessments and risk assurance testing.
Good knowledge and experience in managing legal and regulatory requirements pertaining to technology, information or cyber risk domains (e.g., Singapore, Malaysia, Hong Kong, China).
Good written and communication skills, as well as solution oriented.
Ability to interact, engage and influence with stakeholders across all levels.
Ability to contribute through others, collaborate well across seniority, cultures and locations.
Proactive and able to work well under pressure or tight deadlines.
What we offer:
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
#J-18808-Ljbffr

This Cyber Security Analyst role is responsible for safeguarding the organization's digital assets by identifying and mitigating potential security risks, monitoring network activity for unusual behaviour, and responding to incidents.

• Safeguard Digital Assets : Protect the organization's digital assets from potential security threats.
• Analyze Security Logs : Analyze security logs, SIEM alerts, and incident reports to identify and mitigate potential security risks.
• Respond to Incidents : Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks.
• Monitor Networks : Monitor networks and systems for security breaches, alerts, and anomalous activity.

• Bachelor Degree or Advanced Diploma in Computer Science, Information Technology, Cybersecurity from a recognized university or related field.
• At least 1-3 years in a cybersecurity role, with hands-on experience in SIEM content management, network security, threat monitoring, or incident response.