Associate Director, Information Security Operations
2 months ago
As pioneering innovators for over 100 years, we're now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.
To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.
If you believe in developing a better tomorrow, read on.
About the Role
We are seeking an experienced senior manager to lead our information security team, combining strong hands-on technical expertise as well as people management experience in the information security domain. They will lead a team to design and/or review application security including but not limited to penetration test, source code review, Cloud Security and various inter-connected application and infrastructures, especially in the area of authentication, authorization, information protection, and cryptographic controls for both on-premise and cloud environment. The role also has supervision of the AIA-SG IAM and Threat Intelligence Manager and their team.
This role is responsible for providing leadership in application security review for the strategic digital solutions across technology to ensure secure solutions for business growth. The person should have solid written and verbal communication skills.
WHAT YOU'LL BE DOING:
VAPT
Manage the AIA-SG Vulnerability Assessment and Penetration Testing team responsible for delivering the following services to AIA-SG, including Security Architecture:
Application Security
- Design and/or review application security architecture proposal for various security-driven initiatives or business-driven initiatives for on-premise and cloud environment.
- Manage external third-party for application penetration testing engagements.
Infrastructure Security
- Manage end-to-end infrastructure security activities, such as vulnerability management, servers' security monitoring & hardening, infrastructure as a code, etc.
- Design and/or review infrastructure security architecture proposal for various security-driven initiatives for on-premise and cloud environment.
Cloud Security
- Manage compliancy level of AIA SG cloud security assets based on ongoing regular scanning according to the defined threshold.
- Evaluate the security aspect of new cloud-based solutions proposed by application development team, infrastructure team, or business users.
- Manage various cloud security BAU activities, such as assets provisioning, deprovisioning, hardening, etc.
Penetration Testing
- Manage end-to-end application security activities, including application penetration testing, authentication / authorization design / review, and DevSecOps design & roll out.
- Manage Third Party relationships with industry vendors who undertake security assessment services.
- Oversight of annual Pen testing schedule.
Information Security Architecture
- Lead a team to design and/or review application security architecture proposal for various security-driven initiatives or business-driven initiatives for on-premise and cloud environment.
- Design and/or review authentication and authorization flow of the applications, whether it is aligned with security best practices and organization's IT security technology policy & procedure in terms of the strength of access controls, session management, cache management, cookie management, token management, cryptographic algorithm, and information/data protection.
- Assess the security aspect of new proposed application tools / platforms from application team, and relevance/consequences to existing security architecture.
- Work closely with application development and infrastructure team to proactively stay on top of latest secure application design to deliver thorough security recommendation aligned with organization's IT security technology policy & procedure.
Identity and Access Management
- Supervise the AIA-SG IAM Manager and their team performing IAM Governance functions for the Business Unit.
Cyber Security & Security Incident Handling
- Work with Security Operation Centre (SOC) Team to ensure secure protection of AIA SG environment.
- Deploy new cyber security initiatives and roll out the platform together with SOC Team.
- Point of contact for security incident handling and investigation, starting from incident is identified, handled, and resolved.
Security Advisory
- Provide feasible security recommendations or guidance based on queries / changes initiated by application development team, infrastructure team, or business users.
- Facilitate challenging security conversations and provide acceptable solutions where IT standards are contradicting with business demands to achieve acceptable business solutions without sacrificing security and compliance aspects.
Managerial Responsibilities
- Lead promotion of activities to increase information security within your teams to embed and continuously improve adherence to good practice.
- Drive a continues Learning and Development program for staff training. (with inhouse and external training programs).
WHAT WE ARE LOOKING FOR:
- University degree in one of the following or related disciplines (Computer Science, Computer Engineering, Information Security, Information Systems).
- Minimum 15 years of experiences of information security domain, especially in Application Security, Infrastructure Security and Cloud Security.
- Preferable to have application development or infrastructure operation background with hands-on experiences of designing and/or reviewing application security or infrastructure security.
- Hands-on information security experience in the Multiple Cloud Environment (SaaS, PaaS and IaaS) and Cyber Incident management.
- Certifications related to security architecture or Cloud Security is preferable, such as CCSP, Azure DevOps certification, Azure Solutions Architect certification, etc.
- Preferably a holder of one or more of the following information security and audit qualifications: CISSP, CISA, CRISC, CCSP.
- Good knowledge of latest security technologies and cyber landscape in a highly regulated industry.
- Good interpersonal and communication skill.
- Strong leadership with a high integrity, proactive mindset, and strong ownership.
- Working experiences in insurance / banking / IT industry is preferred.
- Leading DevSecOps tool experience such as Snyk, Veracode, SonarQube
- Infrastructure Security: Windows, Linux, AS400.
- Application framework and Security: NodeJS, ReactJS, .NET
- Security Advisory and Assessment.
- Security Incident Management.
- CI/CD pipelines: Azure DevOps, Bamboo, Jenkins, GitHub, Bitbucket.
Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.
-
Singapore AIA Singapore Private Limited Full timeAbout the RoleWe are seeking an experienced senior manager to lead our information security team, combining strong hands-on technical expertise as well as people management experience in the information security domain. They will lead a team to design and/or review application security including but not limited to penetration test, source code review, Cloud...
-
Associate Director, Regional Security
6 days ago
Singapore MSD INTERNATIONAL GMBH (SINGAPORE BRANCH) Full timeRoles & ResponsibilitiesAssociate Director, Regional Security Based in Singapore, the regional hub for Asia Pacific (AP) and top-ranked biopharmaceutical company on the Straits Times and Statista’s list of Best Employers in Singapore for two consecutive years (2020, 2021). Join the premier biopharmaceutical company that has been in...
-
Information Technology Director
6 days ago
Singapore INSHA TECH SOLUTIONS PTE. LTD. Full timeRoles & ResponsibilitiesRoles & ResponsibilitiesJob Summary:As the Information Technical Director of INSHA TECH SOLUTIONS PTE LTD , you will be responsible for providing strategic leadership, driving business growth, and ensuring the overall success of the organization. You will work closely with the board of directors and I T Development, Artificial...
-
Associate Director, Supply Chain Security
6 days ago
Singapore MSD INTERNATIONAL GMBH (SINGAPORE BRANCH) Full timeRoles & Responsibilities Based in Singapore, the regional hub for Asia Pacific (AP) and top-ranked biopharmaceutical company on the Straits Times and Statista’s list of Best Employers in Singapore for two consecutive years (2020, 2021). Join the premier biopharmaceutical company that has been in Singapore for more than 25 years and in AP for over 60...
-
Security Operations Executive
6 days ago
Singapore RANGER INVESTIGATION & SECURITY SERVICES PTE. LTD. Full timeRoles & ResponsibilitiesJob Responsibilities: Plan and monitor the day-to-day manpower schedule and the operations of the respective sites Conduct OJT training for new hires and conduct refresher on SOP Handle workplace investigation, grievance, and discipline Plan and schedule training for security personnel in alignment with PWM requirement Prepare...
-
Information Technology Director
6 days ago
Singapore CHARIOTS CAPITAL PTE. LTD. Full timeRoles & ResponsibilitiesJob Title: Information Technology DirectorLocation: Jurong East, SingaporeWe are seeking a visionary and experienced IT Director to provide strategic Information Technology (IT) leadership, identifying and addressing all IT needs of the company. The IT Director has to establish all IT requirements for company and in implementing IT...
-
Singapore DBS Bank Limited Full timeJob Title: Senior Associate, Security Data Analyst, Information Security ServicesDBS Bank Limited is seeking a highly skilled and motivated Senior Associate, Security Data Analyst, to join our Information Security Services team. The successful candidate will be responsible for developing and implementing advanced analytical and machine learning models to...
-
Senior Data Analyst, Information Security
4 weeks ago
Singapore DBS Bank Limited Full timeJob Title: Senior Associate, Security Data Analyst, Information Security Services, TechnologyDBS Bank Limited is seeking a highly skilled and experienced Senior Associate, Security Data Analyst, to join our Information Security Services team in Technology. As a key member of our team, you will be responsible for developing and implementing advanced...
-
Senior Data Analyst, Information Security
4 weeks ago
Singapore DBS Bank Limited Full timeJob Title: Senior Associate, Security Data Analyst, Information Security Services, TechnologyDBS Bank Limited is seeking a highly skilled and motivated Senior Associate, Security Data Analyst, to join our Information Security Services team in Technology. As a key member of our team, you will be responsible for developing and implementing advanced analytical...
-
Information Security Analyst
1 month ago
Singapore TD Bank Group Full timeJob Title: Information Security AnalystWe are seeking a highly skilled Information Security Analyst to join our team at TD Bank Group. As an Information Security Analyst, you will play a critical role in ensuring the security and integrity of our systems and data.Job Summary:The Information Security Analyst will be responsible for:Conducting real-time...
-
Security Operations Executive
6 days ago
Singapore TITANIUM SAFETY & SECURITY PTE. LTD. Full timeRoles & ResponsibilitiesJob Description & Requirements Handles and coordinates the administrative aspect for the both traffic and security management department. This includes, but not limited to, collection of deliver orders and ensuring the officers’ notification are up to date. Conducts regular site supervisory checks. Assist the Deployment &...
-
Information Security Analyst
3 weeks ago
Singapore TD Bank Group Full timeJob Title: Information Security AnalystTD Bank Group is seeking a highly skilled Information Security Analyst to join our team. As an Information Security Analyst, you will be responsible for identifying and mitigating potential security threats to our systems and data.Key Responsibilities:Conduct real-time analysis of identified cyber incidents impacting...
-
Cyber Security Director
4 weeks ago
Singapore Mizuho Bank Full timeJob Title: Cyber Security DirectorCompany Overview:Mizuho Bank, a subsidiary of Mizuho FG, Inc., is a leading financial services company with a global presence. With offices in major cities worldwide, we provide financial and strategic solutions to our diverse and sophisticated clients.Job Summary:We are seeking a highly experienced Cyber Security Director...
-
Information Security Analyst
1 month ago
Singapore TD Bank Group Full timeJob Title: Information Security AnalystTD Bank Group is seeking a highly skilled Information Security Analyst to join our team. As an Information Security Analyst, you will be responsible for identifying and mitigating potential security threats to our systems and data.Key Responsibilities:Conduct real-time analysis of identified cyber incidents impacting...
-
Security Supervisor
6 months ago
Singapore FORCE-ONE SECURITY PTE. LTD. Full timeRoles & Responsibilities In charge of security or fire command centre with a security team Incident management and reporting Direct supervision Execute evacuation plans and exercises Assist in maintaining the deployment roster of the site PC literate and can able to put up incident report via smartphone Any other associated tasks and responsibilities...
-
Security Operations Manager
1 day ago
Singapore Henderson Security Services Pte Ltd Full timeJob Description for Security Operations ManagerHenderson Security Services Pte Ltd seeks a Security Operations Manager to lead our security team. Key responsibilities include:Managing the security operations centre with a team of more than 3 personnelConducting security audits and risk assessments to ensure the highest level of securityProviding general...
-
Singapore Meta Full timeWe are seeking a talented, dedicated, and highly motivated attorney to lead Meta’s APAC Security Legal team as Director & Associate General Counsel. This is a unique opportunity to have regional and global impact while working on cutting edge and novel issues in an exciting, fast-paced environment across a range of complex regulatory, safety, security,...
-
Security Operations Manager
6 days ago
Singapore DRAGNET SMARTECH SECURITY PTE. LTD. Full timeJob Summary:Dragnet Smartech Security Pte. Ltd. is seeking a skilled Security Controller to join our team at the 24/7 Command Centre. As a Security Controller, you will be responsible for managing security projects, activating emergency response personnel, and utilising HRMS to monitor onsite operations. You will also be required to monitor cloud-based...
-
Information Security Manager
6 days ago
Singapore KDDI ASIA PACIFIC PTE. LTD. Full timeJob SummaryWe are seeking a seasoned Information Security Manager to join our KDDI ASIA PACIFIC PTE. LTD. team. As a key member of our organization, you will be responsible for protecting our information assets and ensuring the security of our information systems. The ideal candidate will have a strong background in information security, with a minimum of 5...
-
Singapore ANZ Full timeAbout UsAt ANZ, we're harnessing the power of technology and data to drive financial wellbeing and sustainability for our customers.About the RoleAs a Technology and Information Security Governance Lead, you'll play a critical role in driving technology operational risk excellence using the ANZ Risk Management Framework. You'll work closely with Country...
