Information Security Manager

**JOB DESCRIPTION**

**Role**:Information Security Manager

**Reports to**: IT Director

**Location**: Singapore

**Responsibilities**
- Lead compliance audit activities (SOC, ISO 27001) for Singapore, Hong Kong, and China
- Responsible for BIPO data privacy, serving in BIPO’s Data Privacy team and answer internal

and external queries related to BIPO’s compliance to data privacy laws / regulations
- Formulation, review, and update of Information Security-related company policies
- Managing security product / features from Microsoft Enterprise license, security, and audit

systems (e.g., CyberArk, Netwrix Audit)
- Be responsible for data privacy and security; including awareness trainings
- Responding to customers’ questions / security questionnaires related to data privacy /

security and support relevant RFP preparation in this area
- Lead security / compliance projects (e.g., vulnerability scans, penetration testing)
- Responsible for respond to security incidents
- Regular review of effectiveness of security systems (e.g., Cloudflare WAF, Crowdstrike,

Comodo AV, PRTG alerting, database encryption, Wifi and network security, physical

security, and feedback improvement to IT infra team)
- Regular review of compliance/internal audit activities done by IT infra team to ensure

successful external audit (e.g., review access logs for security breaches, user access

reviews, firewall reviews, PC audits)
- Performs other duties as assigned related to information security.

**Technical Skills and Competencies**
- Bachelor’s degree in Information Technology or equivalent field of study
- Experience in all or some of these: maintaining ISO 27001 system, responding to information

security audit questions, formulating IT security policies, performing risk assessment and

business impact analysis, performing system vulnerability assessments, reviewing user

activities, network firewall configuration, managing system security patches and server

firewalls, vulnerability scanners, endpoint security / DLP solutions), disaster recovery

planning, managing user information security awareness training, remediating penetration

testing findings, and performing incident analysis, response and reporting.
- Strong hands-on technical skills in IT infrastructure (e.g., server administration,

network/system security, disaster recovery, system high availability, backup operations,

system monitoring, network /system troubleshooting, storage administration, incident

response, change management, patch management, IT audit).

**Asia Pacific - Americas - Europe - Middle East & Africa
- Strong English writing skills, good documentation and effective communication skills, ability to

interact with a range of people.
- Good project management skills, problem solving skills, documentation skills, preferably with

experience in IT infrastructure support (Windows server, SQL Server, Active Directory & DNS,

IIS web server, WSUS, Anti-Virus, Firewall, Network equipment, Office 365, PC support,

Cloud computing). Experience in AWS cloud computing advantageous.
- Responsible, resourceful, effective, detail oriented, able to work and pick up new skills

independently and meet deadlines. Able to respond to critical system alerts and be

contactable for urgent issues outside office hours.
- Fluency in Chinese language ideal

**Useful links**

**About BIPO**

At BIPO, our passion for technology and innovation empowers businesses across the globe with

increased efficiency and convenience.

Our enterprise-ready **HR Management System** **(HRMS) **platform automates HR processes, simplifies

workflows, and delivers actionable insights to build the best Employee Experience. Complemented by

our **payroll outsourcing solutions** and **global PEO services, **we support businesses to manage

today’s global workforce.

We are better connected to support your payroll and people solutions needs through a global network

of 27+ offices, four R&D centers, and business partners across 100+ countries.***

**Our products & services**
- HR Management System (HRMS)
- Global Payroll and HR outsourcing
- Professional Employer Organisation (PEO)

**Asia Pacific - Americas - Europe - Middle East & Africa