x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Browse Jobs
Companies
Campus Hiring
News
Download App
Employers
View All Jobs
Jobs in Singapore
Jobs in Singapore   »   Jobs in Singapore   »   Legal / Public / Security Job   »   Security Manager
banner picture 1 banner picture 2 banner picture 3

Security Manager

Climate Impact X Pte. Ltd.

Climate Impact X Pte. Ltd. company logo
Job Type   /   Job Level
Full-time   /   Manager
Job Location
Singapore, Singapore, Singapore
Salary Offered

CIX is seeking for a Security Manager based in Singapore who will be responsible for designing and driving effective cybersecurity controls and driving effective IT security management programs involving technology policy management, technology risk management, compliance management, IT vendor management, IT audit management, technical security awareness and training.


Responsibilities

  • Develop and implement a cyber security strategy to safeguard the organisation’s systems and network against cyber threats
  • Collaborate with cross-functional teams to ensure the seamless integration of security measures within existing infrastructure
  • Conduct regular information security risk assessments, vulnerability assessments and penetration testing on applications, systems and networks to identify vulnerabilities, risks, and potential weaknesses. Work with relevant teams to develop and implement mitigation strategies.
  • Monitor technical vulnerabilities and risks in applications, systems and networks, and ensure vulnerabilities are remediated in a timely manner
  • Manage and fine-tune cybersecurity systems and tools such as network firewall, web application firewall, intrusion detection/prevention systems, proxy servers, malware detection systems, etc.
  • Perform security monitoring, assessment and analysis on events generated by intrusion detection/prevention systems, anomaly detection systems, antivirus and EDR systems, email security gateway, proxy devices, cloud security solution, data leakage prevention system to proactively identify anomalies, malicious activities and potential security threats
  • Lead IT security incident management efforts, from detection to triaging, escalation, containment, recovery, etc. Perform root cause analysis and provide detailed reports and recommendations for improvement
  • Integrate secure development practices throughout system development lifecycle and work with developers to identify and fix security vulnerabilities in applications
  • IT Governance, Risk & Compliance (GRC) controls
  • Data Governance covering data security classification, handling, storage, retention, and disposal
  • Develop and maintain the organisation’s information security governance framework, including policies, procedures and standards that align with industry best practices and regulatory requirements
  • Provide risk advisory for IT initiatives and to ensure policies and security measures are integrated into technology projects and business processes
  • Initiate regular control self-assessments for IT teams and business units to review the effectiveness of security controls in IT systems and business processes
  • Monitor and report on the effectiveness of security controls and the status of security risks to senior management
  • Develop and lead security awareness training programs to educate employees on security best practices and emerging threats
  • Stay abreast of the latest security trends, threats, and technologies to inform and continuously improve the organization’s information security management system, while also enhancing existing tools, processes, and procedures to strengthen the organization’s security posture.
  • Drive the evaluation and implementation of IT security projects
  • Front auditors, both internal and external, for audits directed at the technology team or at business units where IT involvement is required.
  • Ensure service providers and suppliers adhere to intended and contractual information security policies applying concepts of ownership and custody
  • Collaborate within all areas of IT to ensure that suppliers are effectively handled, and contracts are fully leveraged
  • Advise management on vendor overall performance, adherence to service levels, contractual compliance, risks, and new service offerings
  • Support business operations and head of technology in accomplishing Business Continuity Planning, review the outcome, flag any risks and track to completion


Requirements

  • Bachelor's degree in information security, information systems or computer science, or a related field
  • Minimum 5 years of experience in an information security role, preferably IT compliance/audit/control or related experiences
  • Overall 10+ years of professional experience in IT security, project management, stakeholder management
  • Must have 2+ years of experience in Cloud governance, audit, and risk management, and in major cloud providers like AWS and Azure
  • Experience in handling ISO27001 certification and/or SOC 2 compliance audit related activities
  • Strong knowledge and experience with standards and frameworks like NIST, ISO27001, CIS, CSA, MTCS, Personal Data Protection Act (PDPA) and GDPR is essential; familiarity with PCI-DSS
  • Professional certifications such as CISSP, CISM, CEH or OSCP are highly desirable
  • Industry certifications such Azure Security Engineer or Microsoft Cybersecurity Architect or equivalent will be an added advantage
  • Experience in information security risk assessment methodologies and tools. Skilled in creating and maintaining risk registers, developing and tracking risk treatment plans
  • Familiarity with data analysis tools and software to support risk analysis and reporting efforts
  • Proven ability to manage and prioritize multiple projects and tasks, work independently, under pressure and respond to tight deadlines
  • Ability to communicate effectively with all levels of personnel including senior management level
  • Proactive and consistently show initiative, solution-oriented
  • Strong IT skills and knowledge in hardware, software, networks and cloud computing
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, defence-in-depth and common security element
  • Hands-on experience analysing high volumes of logs, network data and other attack artefacts
  • Knowledgeable in cryptographic algorithm/functions and key management

CIX is an equal opportunity employer committed to diversity and inclusion

*We seek your understanding that only shortlisted candidates will be contacted

Sharing is Caring

Know others who would be interested in this job?
Similar Jobs
Amateur PHOTOGRAPHERS Wanted For Sports Photography!
Ministry Of Football Private Limited
Quick Apply
Legal Associate
Bc Lim & Lau Llc
Quick Apply
Pets Avenue Vet Group Looking For Experienced Veterinary Nurse
Pets Avenue Veterinary Clinic Pte. Ltd.
Quick Apply
Principal Security Engineer
Okratin Solutions Pte. Ltd.
Quick Apply
Information Security Lead / Architect (Banking Domain)
Hcl Singapore Pte. Ltd.
Quick Apply
Senior Information Security Consultant
Lsa Consultants Pte. Ltd.
Quick Apply
Lead Security Engineer
Dexian Singapore Pte. Ltd.
Quick Apply
Public Relations Manager
Hash Beaver Pte. Ltd.
Quick Apply
Public Relation and Communications Manager (Fashion Retail)
Recruitpedia Pte. Ltd.
Quick Apply
Security and Parking Operations Manager (Commercial Buildings / 5.25 Days)
Recruitpedia Pte. Ltd.
Quick Apply
© 2024 Jobstore. All rights reserved.