Senior/lead Cyber Security Specialist

**Senior/Lead Cyber Security Specialist**:
**Date**:9 May 2025

**Location**: Singapore, Singapore

**Company**:Singtel Group

**Be a Part of Something BIG**

This role will report to Associate Director, IAM Strategy, Governance, Risk and Compliance. The Cyber Security Specialist is expected to guide divisions to adopt the governance frameworks, assess the adequacy and effectiveness of IT controls and policies against industry standards (CIS, NIST and ISO27001 etc) and regulatory requirements while aligning with business objectives.

Primary Responsibilities will be
- Creating and enforcing governance frameworks to ensure compliance with regulatory standards across IT and Enterprise
- Perform maturity assessments to evaluate the effectiveness of existing governance structures and identify areas for improvement.
- Monitor and track cybersecurity risks, including audit findings and regulatory obligations, ensuring timely mitigation and reporting.
- Drive the advancement of control frameworks such as passwordless authentication and adaptive access, to enhance security and reduce risk exposure

While there are differing business and technical considerations, Specialist needs to able to influence the stakeholders to adopt IAM best practice and align to Zero Trust framework. Specialist to keep abreast of the information security trends and advise Singtel SG BU to uplift security culture.

**Make An Impact By**
- Drive and perform maturity assessments across security domains, including cloud environments and identity access management, to evaluate control effectiveness and alignment with target maturity models
- Establish and enforce control frameworks to ensure compliance with regulatory requirements and align to industry standard such as ISO27001 and NIST. Continuous Monitoring of Security KPI and KRI for IT and Enterprise.
- Monitor and track cybersecurity risks, including audit findings and regulatory obligations, ensuring timely mitigation and reporting.
- Drive continuous improvement of Identity and Access Management (IAM) controls such as role-based access, privileged access, and identity lifecycle governance, ensuring integration into broader GRC practices.
- Uplift and enforce centralised Access Control operational process to ensure compliance with security frameworks and regulatory requirements.

**Skills for Success**:

- Bachelor’s degree in computer science, Cyber Security, Computer Engineering, or a related discipline
- Minimum 5 years of Cyber Security experience with at least 3+ years of hands-on experience in Identity and Access Management (IAM), including lifecycle management and privileged access management (PAM).
- Strong knowledge of IAM frameworks, Active Directory, SSO, MFA.
- In depth knowledge in managing IAM policies, roles, and permissions in cloud environments (AWS, Azure, GCP)
- Proven experience in advising on key management governance and cloud security frameworks, including ensuring proper encryption controls, key lifecycle management, and compliance with industry standards (e.g., NIST, ISO 27001).
- Experience in supporting compliance audits such as ISO and documenting access controls and governance processes.
- Proficient in IAM tools such as Sailpoint, Sliverfort, Azure AD, CyberArk, with deep understanding of SSO, MFA, OAuth2.0, SAML, and OpenID Connect.
- Strong knowledge of AWS, Azure, and GCP IAM management, including defining roles, permissions, and access policies in cloud environments.
- Practical experience in both cloud-based key management systems (AWS KMS, Azure Key Vault, Google Cloud KMS) and on-premises KMS solutions (e.g. Thales, CyberArk, HashiCorp) to manage encryption keys, enforce security policies, and support compliance.

**Rewards that Go Beyond**
- Full suite of health and wellness benefits
- Ongoing training and development programs
- Internal mobility opportunities

**Are you ready to say hello to BIG Possibilities?