Assistant Manager

Assistant Manager - Cybersecurity and Compliance Join to apply for the Assistant Manager - Cybersecurity and Compliance role at ST Logistics The Assistant/Deputy Manager - Cybersecurity Governance, Risk and Compliance (Information Technology) will play a key role in strengthening the organisation's cybersecurity posture across its supply chain operations. He/she will be responsible for developing, implementing, and maintaining governance frameworks, risk management processes, and compliance programmes ensuring the organisation's security posture aligns with regulatory expectations, business objectives, and risk tolerance. He/she will work closely with business units, IT teams, and external stakeholders to ensure compliance with regulatory requirements, industry standards, and internal security policies. He/she will also ensure that the cybersecurity framework aligns with the increase in velocity of changes to uphold protection of cyberspace for the organisation. Equipped with an analytical mindset and communication skills, he/she is a problem solver and adept at managing a diverse group of stakeholders. Job Responsibilities Cybersecurity Governance – Develop, implement, and review cybersecurity policies, standards, and procedures in alignment with organisational needs and national frameworks (e.g., CSA, IM8). Drive awareness and training programmes to embed a culture of cybersecurity across the organisation. Provide guidance to business units on secure practices and policy adherence. Cybersecurity Risk Management – Conduct regular risk assessments on IT systems, operational technologies, and supply chain processes to identify vulnerabilities and threats. Assess the cyber security risk of third‐party vendors, identify controls to address gaps, and monitor implementation. Establish risk registers, recommend mitigation strategies, and track remediation activities. Monitor emerging cybersecurity risks affecting logistics, warehousing, and transportation. Liaise with the application project team on penetration test findings closure; track finding and ensure timeliness of closure. Ensure cyber risk register is kept up to date and risk is calculated accurately. Cybersecurity Compliance and Audit – Ensure compliance with regulatory requirements (e.g., PDPA, Cybersecurity Act, MAS TRM) and global standards (ISO 27001, NIST). Coordinate and support internal/external audits and customer security assessments. Maintain compliance documentation, audit evidence, and reports. Conduct assurance reviews to validate governance adherence. Collaborate with technology and business teams to automate compliance checks and audit processes. Assess third‐party vendor cybersecurity risks, define and monitor controls, and track remediation. Oversee security operations service provider in managing cybersecurity incidents and operations. Support deployment of cybersecurity solutions and assist in resolving security‐related issues. Monitor, detect, and ensure timely remediation of cyber threats, risks, and vulnerabilities. Stay current with emerging threats, technologies, and industry best practices; recommend controls and solutions. Plan, conduct, and oversee vulnerability assessments and penetration testing, ensuring timely closure of findings. Incident Preparedness & Reporting – Support the development and testing of cybersecurity incident response and business continuity plans. Ensure governance and compliance aspects are addressed during incident investigations and post‐mortems. Report cybersecurity metrics and compliance status to senior management and relevant committees. Others – Undertake assigned projects or duties as directed by Management. Job Requirements Proficient in MS Office Applications / Microsoft Power Platform Applications and social media platforms. Strong analytical and problem‐solving skills, with the ability to assess risks and propose practical mitigation strategies. Positive attitude and willingness to learn. Strong written and verbal communication skills. Basic understanding of cybersecurity principles and best practices. Ability to explain technical concepts to non‐technical audiences. Strong attention to detail and a commitment to maintaining accuracy and consistency in all communications. Self‐motivated and proactive, with a demonstrated ability to work independently and take ownership of assigned tasks and priorities in a fast‐paced environment. Ability to manage multiple tasks simultaneously and carry out tasks assigned by Management. Team player with strong collaboration skills to work with IT, operations, and external vendors. Professional Qualifications & Relevant Experience Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related discipline. Professional certifications preferred: CISM, CISSP, CRISC, ISO 27001 Lead Implementer/Auditor, or equivalent. 5–8 years of relevant cybersecurity experience, with at least 2–3 years in governance, risk, and compliance functions. Singaporean only. Work Location 60 Pioneer Road, Tuas Additional Information This job is in partnership with the Employment and Employability Institute Pte Ltd ("e2i"). e2i is a tripartite initiative of the National Trades Union Congress set up to support nationwide manpower and skills upgrading initiatives. By applying for this role, you consent to ST Logistics's PDPA – and e2i's PDPA – Seniority Level Executive Employment Type Full‐time Job Function Supply Chain Industries Transportation, Logistics, Supply Chain and Storage #J-18808-Ljbffr