Cybersecurity Manager

Key Duties & Responsibilities:

Vendor and Stakeholder Management

• Act as the primary liaison between the company and the Cybersecurity Partners, ensuring seamless communication and alignment of objectives.
• Collaborate with the partners to develop and maintain the company's cybersecurity strategy, policies, and roadmap.
• Work closely with Senior Management and the Head of IT to prioritize security initiatives and integrate them into the IT department's workflow.
• Translate high-level security reports and recommendations from the Cybersecurity Partners into technical requirements for the IT team.
• Engage with various business departments to understand their security needs and promote a culture of security awareness.

Security Program Management

• Manage and ensure the proficiency of the overall cybersecurity framework of the organisation.
• Oversee the implementation of the cybersecurity improvement plan, managing project timelines, resources, and deliverables.
• Coordinate and support security assessments and audits, including vulnerability scans, penetration testing, and risk assessments, and drive the remediation of identified issues.
• Monitor, manage and respond to cybersecurity incidents and threats, working with the IT team and the Cybersecurity Partners to contain, eradicate, and recover from attacks or threats.
• Ensure compliance with relevant Singaporean and international data protection regulations, such as the Personal Data Protection Act (PDPA) and the General Data Protection Regulation (GDPR).
• Assist in the development, implementation, and enforcement of information security policies, standards, and procedures.

Technical Collaboration and Operations

• Partner with the IT infrastructure team to implement and manage security controls for networks, servers, and endpoints.
• Collaborate with the application development team to integrate security into the Software Development Lifecycle (SDLC).
• Provide internal expertise and guidance on security tools and technologies, including firewalls, endpoint detection and response (EDR), and identity and access management (IAM) solutions.
• Monitor security alerts and threat intelligence, and coordinate response activities with the external SOC and internal teams.

Reporting and Governance

• Assist in preparing and presenting regular security posture reports and updates for senior management.
• Maintain a risk register and track the status of risk mitigation efforts.
• Contribute to the continuous improvement of the overall security program by monitoring key performance indicators (KPIs) and suggesting

Qualifications, Knowledge and Skills:

Required:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 6-8 years of hands-on experience in an IT security role, with a proven track record of managing security projects and initiatives.
• Strong understanding of core security domains including infrastructure security, network security, application security, and GRC (Governance, Risk, and Compliance).
• Strong proficiency and experience with cybersecurity technologies including EDR solutions.
• Experience working with and managing third-party vendors and service providers.
• Excellent communication, interpersonal, and stakeholder management skills.
• Based in Singapore with a good understanding of the local regulatory landscape.

Preferred:

• Professional security certifications such as CISSP, CISM, or CISA are highly desirable.
• Experience in a hybrid environment, securing both on-premise and cloud (AWS, Azure) infrastructure.
• Hands-on experience with a range of security technologies and frameworks (e.g., NIST, ISO 27001, CIS Control v8).
• Demonstrated ability to work collaboratively in a team-oriented environment.

Personal Attributes:

• Proactive and Self-Motivated: Ability to work independently and take ownership of security initiatives.
• Analytical and Detail-Oriented: Strong problem-solving skills with a keen eye for detail.
• Collaborative: A true team player who can build strong relationships both internally and externally.
• Adaptable: Capable of thriving in a dynamic and evolving threat landscape.