Assistant Manager

Assistant Manager - Cybersecurity and Compliance The Assistant/Deputy Manager of Cybersecurity Governance, Risk and Compliance (Information Technology) will play a key role in strengthening the organisation's cybersecurity posture across its supply chain operations. The role is responsible for developing, implementing, and maintaining governance frameworks, risk management processes, and compliance programmes to ensure the organisation's security posture aligns with regulatory expectations, business objectives, and risk tolerance. The manager will work closely with business units, IT teams and external stakeholders to ensure compliance with regulatory requirements, industry standards, and internal security policies, and will adapt the cybersecurity framework to the increasing velocity of changes to uphold protection of the cyberspace for the organisation. Job Responsibilities Cybersecurity Governance Develop, implement, and review cybersecurity policies, standards, and procedures in alignment with organisational needs and national frameworks (e.g., CSA, IM8). Drive awareness and training programmes to embed a culture of cybersecurity across the organisation. Provide guidance to business units on secure practices and policy adherence. Cybersecurity Risk Management Conduct regular risk assessments on IT systems, operational technologies, and supply chain processes to identify vulnerabilities and threats. Assess the cyber security risk of third‐party vendors with an appropriate level of detail. Identify controls to address gaps in third‐party vendor relationships and monitor the implementation of controls. Establish risk registers, recommend mitigation strategies, and track remediation activities. Monitor emerging cybersecurity risks, particularly those affecting logistics, warehousing and transportation systems. Liaise with the application project team on penetration‐test findings closure and improvement; track findings and ensure timely closure. Ensure the cyber risk register is kept up to date and risks are calculated accurately. Cybersecurity Compliance and Audit Ensure compliance with regulatory requirements (e.g., PDPA, Cybersecurity Act, MAS TRM) and global standards (ISO 27001, NIST). Coordinate and support internal and external audits and customer security assessments. Maintain and update compliance documentation, audit evidence and reports. Conduct assurance reviews to validate governance adherence and expected outcomes. Collaborate with technology and business teams to automate compliance checks and audit processes. Assess third‐party vendor cybersecurity risks, define and monitor controls, and track remediation. Oversee security operations service provider in managing cybersecurity incidents and operations. Support deployment of cybersecurity solutions and assist in resolving security‐related issues. Monitor, detect and ensure timely remediation of cyber threats, risks and vulnerabilities. Stay current with emerging threats, technologies and industry best practices; recommend controls and solutions. Plan, conduct and oversee vulnerability assessments and penetration testing, ensuring timely closure of findings. Incident Preparedness & Reporting Support the development and testing of cybersecurity incident response and business continuity plans. Ensure governance and compliance aspects are addressed during incident investigations and post‐mortems. Report cybersecurity metrics and compliance status to senior management and relevant committees. Other Responsibilities Undertake assigned projects or duties as directed by Management. Job Requirements Proficient in MS Office Applications / Microsoft Power Platform Applications and social media platforms. Strong analytical and problem‐solving skills, with the ability to assess risks and propose practical mitigation strategies. Positive attitude and willingness to learn. Strong written and verbal communication skills. Basic understanding of cybersecurity principles and best practices. Ability to explain technical concepts to non‐technical audiences. Strong attention to detail and a commitment to maintaining accuracy and consistency in all communications. Self‐motivated and proactive, with a demonstrated ability to work independently and take ownership of assigned tasks and priorities in a fast‐paced environment. Ability to manage multiple tasks simultaneously and carry out tasks assigned by Management. Team player with strong collaboration skills to work with IT, operations and external vendors. Professional Qualifications & Relevant Experience Bachelor's degree in Cybersecurity, Information Security, Computer Science or a related discipline. Professional certifications preferred: CISM, CISSP, CRISC, ISO 27001 Lead Implementer / Auditor, or equivalent. 5‐8 years of relevant cybersecurity experience, with at least 2‐3 years in governance, risk and compliance functions. Singaporean only. Work Location 60 Pioneer Road, Tuas By applying for this role, you consent to ST Logistics's PDPA and e2i's PDPA #J-18808-Ljbffr