141 Threat Modeling jobs in Singapore

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Ambition

Overview:

Our client is seeking an experienced Information Security Manager to lead and strengthen their security operations. This role will focus on monitoring, detecting, and responding to cyber threats, managing security technologies, driving vulnerability management initiatives, and ensuring compliance with industry regulations. The position will work closely with IT, engineering, and risk management teams to maintain a secure and resilient environment.

Key Responsibilities:

1. Security Operations & Incident Response

• Lead and enhance the operations of the Security Operations Center (SOC), ensuring timely monitoring, detection, and incident response.
• Manage and optimize the use of SIEM, EDR, IDS/IPS, and other security technologies.
• Oversee the full incident response lifecycle, including investigation, containment, eradication, and recovery.
• Conduct post-incident reviews and implement continuous improvements.

2. Vulnerability & Threat Management

• Coordinate vulnerability scanning, penetration testing, and remediation activities.
• Stay informed of emerging threats and ensure proactive security measures are implemented.
• Partner with IT and engineering teams to address vulnerabilities and harden systems.

3. Security Compliance & Risk Management

• Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, MAS TRM, GDPR).
• Support internal and external audits, risk assessments, and regulatory reviews.
• Maintain and continuously update security policies, standards, and procedures

4. Security Awareness & Collaboration

• Lead security awareness and training initiatives across the organization.
• Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines.
• Engage with external vendors, partners, and law enforcement on security-related matters.

Key Requirements:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Minimum 5 years of experience in information security, with at least 2 years in a leadership or management role within security operations.
• Hands-on experience with security technologies such as SIEM (Splunk, Azure Sentinel), EDR, IDS/IPS, firewalls, and cloud security platforms (AWS, Azure, GCP).
• Strong understanding of threat intelligence, malware analysis, and forensic investigation tools.
• Knowledge of regulatory compliance frameworks, particularly within the financial services sector (PCI DSS, MAS TRM, GDPR).

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Information Services

Referrals increase your chances of interviewing at Ambition by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

1 year ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Job Description

Develop and continually refine the security framework, information security policies, processes, procedures, and guidelines.

Ensure compliance with these policies and procedures through regular security reviews and audits, including log analysis and security assessments of customer ICT systems.

Conduct security risk management exercises and table-top exercises.

Perform vulnerability assessments and coordinate penetration testing activities.

Deliver information security awareness training.

Develop and manage the customer’s security incident response plan.

Lead and support the customer in resolving and responding to security incidents.

Serve as the primary point of contact and advisor for the customer on ICT security-related matters.

Manage project activities and deliverables during the implementation phase.

Job Requirements

Minimum of 5 years of experience in IT security.

Experience with networks, servers (Windows and UNIX), and databases.

Proven track record in IT security auditing and security assessments.

Proficient in analyzing logs from various sources and understanding protocols and traffic flows.

Knowledge of Active Directory, endpoint protection solutions, Early Detection and Response solutions, Database Activity Monitoring tools, and SIEM.

Adaptable, team-oriented, and proactive personality.

Ability to independently organize and plan work.

Capable of working effectively in a rapidly changing environment.

Strong multi-tasking skills and the ability to switch contexts effectively between different activities and teams.

CISSP, CISM, Security+, or other relevant IT security certifications (e.g., Imperva, Carbon Black) are advantageous.

EA Licence No.:18S9405 / EA Reg. No.:R1330864

Skills & Competencies

IT security,CISSP,CISM,Security+

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Percept Solutions by 2x

Get notified about new Information Security Analyst jobs in Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Posted 29 July 2025 Salary S$12000 - S$13000 per annum + Variable Bonus Location Singapore Job type Permanent Discipline Technology Reference 283869_1753768672

Our client is seeking an experienced Information Security Manager to lead and strengthen their security operations. This role will focus on monitoring, detecting, and responding to cyber threats, managing security technologies, driving vulnerability management initiatives, and ensuring compliance with industry regulations. The position will work closely with IT, engineering, and risk management teams to maintain a secure and resilient environment.

Key Responsibilities:

1. Security Operations & Incident Response

• Lead and enhance the operations of the Security Operations Center (SOC), ensuring timely monitoring, detection, and incident response.
• Manage and optimize the use of SIEM, EDR, IDS/IPS, and other security technologies.
• Oversee the full incident response lifecycle, including investigation, containment, eradication, and recovery.
• Conduct post-incident reviews and implement continuous improvements.

2. Vulnerability & Threat Management

• Coordinate vulnerability scanning, penetration testing, and remediation activities.
• Stay informed of emerging threats and ensure proactive security measures are implemented.
• Partner with IT and engineering teams to address vulnerabilities and harden systems.

3. Security Compliance & Risk Management

• Ensure compliance with relevant regulatory frameworks (e.g., PCI DSS, MAS TRM, GDPR).
• Support internal and external audits, risk assessments, and regulatory reviews.
• Maintain and continuously update security policies, standards, and procedures

4. Security Awareness & Collaboration

• Lead security awareness and training initiatives across the organization.
• Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines.
• Engage with external vendors, partners, and law enforcement on security-related matters.

Key Requirements:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Minimum 5 years of experience in information security, with at least 2 years in a leadership or management role within security operations.
• Hands-on experience with security technologies such as SIEM (Splunk, Azure Sentinel), EDR, IDS/IPS, firewalls, and cloud security platforms (AWS, Azure, GCP).
• Strong understanding of threat intelligence, malware analysis, and forensic investigation tools.
• Knowledge of regulatory compliance frameworks, particularly within the financial services sector (PCI DSS, MAS TRM, GDPR).

If this job isn't quite right for you, but you know someone who would be great at this role, why not take advantage of our referral scheme? We offer SGD1,000 or SGD350 in shopping vouchers for every referred candidate who we place in a role. Terms & Conditions Apply.

Join to apply for the Information Security Engineer role at Manpower Singapore

2 days ago Be among the first 25 applicants

Join to apply for the Information Security Engineer role at Manpower Singapore

Information Security Engineer, Vulnerability Management and Operation

We are seeking an exceptional Security Engineer to support our vulnerability management program. This is a technical, operation-oriented, and hands-on role in a dynamic and fast-paced environment.

You'll work with various applications and systems to manage vulnerabilities, follow up with different teams, drive remediation, and improve current processes.

• You will join a team that stays up to date on emerging security vulnerabilities and threats, maintains composure in crises, and advocates for improving product and service security.
• You need a good technical background and a strong interest in network, system, and web security.
• The role requires excellent communication skills to collaborate effectively with diverse teams. Responsibilities include:
• Working cross-functionally to identify and assess vulnerabilities, guiding teams through the remediation lifecycle with a focus on timely resolution and outcome-driven communication.
• Using programming to analyze large data dumps related to systems and applications to extract key information for vulnerability impact analysis.

• BSc in Computer Science, Information Technology, Information Security, or related field
• At least 3 years of experience in information security or related field
• Self-starter with flexibility to work remotely and support a global team
• Ability to manage multiple activities concurrently
• Passionate about data security
• Experience with vulnerability scanning tools like Tenable, Qualys, etc.
• Familiarity with common security vulnerabilities and their severity assessment
• Ability to analyze vulnerabilities and provide remediation guidance
• Independent in supporting and driving vulnerability remediation
• Continuous improvement mindset and automation skills
• Ability to run proof of concept for known vulnerabilities
• Understanding of IPv4 and IPv6 networks
• Proficiency in programming languages such as Python, Go, Rust, or Bash scripting
• Excellent critical thinking skills
• Problem-solving skills related to logic and algorithms
• Experience with SQL and Linux
• Experience with penetration testing
• Knowledge of the security research community

Note: Your response to this advertisement and communications will constitute informed consent for the collection, use, and disclosure of personal data by ManpowerGroup Singapore, in accordance with the Personal Data Protection Act 2012. For more information, visit ManpowerGroup's Privacy Policy .

XTX Markets is a leading algorithmic trading firm which uses state-of-the-art machine learning technology to produce price forecasts for over 50,000 financial instruments across equities, fixed income, currencies, commodities and crypto. It uses those forecasts to trade on exchanges and alternative trading venues, and to offer differentiated liquidity directly to clients worldwide. The firm trades over $250bn a day across 35 countries and has over 250 employees based in London, Singapore, New York, Paris, Bristol, Mumbai, Yerevan and Kajaani.

We leverage the talent of the people who work here, modern computational techniques and state-of-the-art research infrastructure to analyse large data sets across markets quickly and efficiently, to maximize the effectiveness of our proprietary trading algorithms. We are actively seeking new methods and ideas. The models that drive our trading strategies have evolved considerably over the last 10 years, from econometric methods that gave our company its name, to trees, to neural networks, to modern deep learning architectures.

XTX Markets has an unrivalled level of computational resources in the trading industry, with a growing research cluster currently containing over 25,000 GPUs with 650 petabytes of usable storage. Teams across the firm include world-class researchers with backgrounds in pure math, programming, physics, computer science and machine learning. The firm is also constructing a large-scale data centre in Finland to future-proof its significant computational capabilities.

At XTX Markets technology is our business and we are a diverse organization which attracts outstanding talent from across all industry backgrounds. We are focused on teamwork and our people collaborate on all aspects of the business, working openly and with respect for each other, our clients and the market. Our culture is non-hierarchical and one where everyone is valued. We strive for excellence in everything we do.

The Team

The Information Security team at XTX Markets are accountable for all aspects of the firm’s physical and IT security. From obtaining and transforming events and signals into actionable intelligence to helping design and implement authentication/authorisation systems, alongside third-party risk assessment and global regulatory compliance. This role is based in our Singapore office, and you will work closely with the Risk and Information Security teams in our London HQ.

The Role

As our first Information Security Analyst, you’ll work to ensure that XTX Markets’ data and infrastructure meet – and, where appropriate, exceed – the requirements of global regulators and auditors.

You will:

• Develop and automate compliance workflows (detection, analysis, business justifications, evidence-gathering).
• Liaise with external auditors to resolve findings and document compensating controls.
• Manage third-party/vendor risk assessments and ongoing security reviews.

You’ll also have opportunities to contribute across the security function: improving our vulnerability-management program, enhancing our detection framework, and helping triage and respond to security alerts. You will actively collaborate with a range of stakeholders within the firm.

• 3+ years in Information Security, with a focus on audit/compliance.
• Programming/scripting skills (e.g. Python, PowerShell) particularly for automating repeatable tasks.
• Strong written and verbal communication skills.
• Rapid learner with outstanding attention to detail.
• Self-starter: able to work autonomously, prioritise tasks, and admit mistakes.
• Able to write clear, succinct business justifications and technical documentation.
• Hands-on proficiency with vulnerability management/compliance platforms (e.g. Tenable Nessus).
• Familiarity with Indian information-security regulations and audit practices (SEBI, NSE, etc.)
• An academic foundation in computer science or a related subject would be beneficial.

*

indicates a required field

First Name *

Last Name *

Preferred First Name

Email *

Phone

Resume/CV

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Website

Please indicate what right to work you have in Singapore. * Select.

We are seeking a skilled and experienced Information Security Administrator to join our team. The ideal candidate will have a strong background in IT security, with experience in administering and managing IT security technologies.

This is a challenging role for an experienced Cyber Security Specialist to join our organization as a key member of the team. As a Cyber Security Expert, you will be responsible for deploying, configuring and maintaining CyberArk components across various systems and environments.

• CyberArk Deployment and Maintenance:
• Manage the onboarding and lifecycle of privileged accounts across various systems and environments.
• Implement CyberArk policies and security best practices to align with compliance and regulatory standards.
• Develop and maintain automation scripts and integrations with CyberArk using REST APIs, PowerShell, and other tools.
• Monitor and troubleshoot CyberArk infrastructure and user issues, providing escalation support as needed.

• CyberArk Certified Delivery Engineer (CDE) certification.
• At least 3 years of experience implementing and supporting CyberArk solutions in enterprise environments.
• Strong scripting skills (PowerShell, Python, etc.) and experience using CyberArk APIs.
• Understanding of identity and access management (IAM) concepts, Zero Trust, and least privilege.

• Sentry experience or certification.
• CyberArk Defender or Guardian certification(s).
• Familiarity with cloud PAM implementations (AWS, Azure, GCP).
• Experience with SIEM tools and security monitoring.

The Cybersecurity Engineer will be responsible for designing and implementing secure, resilient system architectures while ensuring security is embedded throughout the development lifecycle. This role requires a deep understanding of cybersecurity frameworks, threat modeling, and risk mitigation strategies to protect enterprise systems against evolving threats.

• Secure System Architecture & Design:
  • Design and implement robust security architectures for enterprise systems, applications, and cloud environments.
  • Develop security blueprints, reference architectures, and design patterns to standardize secure development practices.
  • Ensure security-by-design principles are integrated into all phases of the Software Development Lifecycle.
• Risk Mitigation & Threat Modeling:
  • Conduct threat modeling (e.g., STRIDE, DREAD) to identify vulnerabilities in system designs.
  • Define security controls to mitigate risks from emerging technologies (e.g., cloud, IoT, AI).
  • Perform security impact assessments for new business initiatives and technology deployments.
• Security Integration & Compliance:
  • Align security architectures with industry standards (NIST CSF, ISO 27001, CIS, OWASP).
  • Ensure compliance with regulatory requirements (GDPR, HIPAA, PCI-DSS, SOC 2).
  • Collaborate with DevSecOps teams to integrate security into CI/CD pipelines.
• Security Documentation & Governance:
  • Produce detailed security design documents, including:
    Security architecture diagrams
    Data flow models with security controls
    Encryption and access control policies
  • Maintain security baselines for systems and applications.
  • Support audits, penetration tests, and vulnerability assessments.

• Education & Experience
  • Bachelor's/Master's in Cybersecurity, Computer Science, or related field.
  • 3-5+ years in cybersecurity, with a focus on secure architecture design, risk assessment, or cloud security.
  • Hands-on experience with:
    Cloud security (AWS/Azure/GCP) and hybrid environments.
    Identity & Access Management (IAM), PKI, and encryption.
    SIEM, EDR/XDR, firewalls, and network security.
• Technical Competencies
  • Security Frameworks: NIST, ISO 27001, CIS, MITRE ATT&CK.
  • Threat Modeling Tools: Microsoft Threat Modeling Tool, OWASP Threat Dragon.
  • Security Automation: Experience with IaC (Terraform, Ansible) and DevSecOps tools (GitLab, Jenkins).
• Certifications (Preferred)
  • CISSP, CCSP, CISA, CISM, AWS/Azure Security, SABSA, TOGAF.
• Soft Skills
  • Strong analytical and problem-solving abilities.
  • Ability to translate technical risks into business impacts.
  • Excellent communication and stakeholder management skills.

As a Security Lead, you will be responsible for the delivery and implementation of security-related projects across infrastructure and systems.