Cybersecurity Lead/manager

Well-established consumer business that is strengthening its digital foundation. With technology deeply embedded in its operations, customer engagement, and strategic growth, cybersecurity now plays a mission-critical role.

As Cybersecurity Lead/Manager, you will lead the organization’s security posture—moving beyond technical implementation to drive enterprise-wide risk awareness, compliance, and strategic alignment. This is a high-impact leadership role that blends operational execution with long-term planning, cultural influence, and cross-functional collaboration.

**What You’ll Be Driving**

As the organization’s security lead, your focus will be on driving five core outcomes:

- **Enhanced Security Visibility**: Establish continuous monitoring and measurable KPIs that track the organization’s evolving threat landscape and resilience.
- **Regulatory Excellence**: Ensure full readiness for audits and sustained compliance with **PDPA**and applicable regulatory standards.
- **Certification Alignment**: Position the organization for success with security certifications such as **Cyber Trust Mark**, benchmarking controls against **ISO 27001**, **NIST**, and industry best practices.
- **Security-First Culture**: Promote a workplace where every employee understands and takes ownership of their role in protecting data and systems.
- **Enterprise-Wide Integration**: Embed cybersecurity into business planning, operations, and decision-making as a shared responsibility.

**Key Areas of Accountability**

**Operational Security & Threat Management**
- Respond to threats, investigate anomalies, and coordinate swift resolution in partnership with infrastructure and DevOps teams.

**Risk & Compliance Leadership**
- Lead security assessments, including regular penetration testing and control reviews; document findings and drive resolution.
- Review and update internal policies, standards, and incident response frameworks.
- Maintain alignment with governance frameworks and ensure readiness for third-party audits and certifications.

**Security Awareness & User Engagement**
- Roll out phishing simulation exercises and deliver department-level reporting and improvement plans.
- Design and implement quarterly security training tailored to various job functions.
- Provide senior management with actionable insights via dashboards and summary reports on risk, exposure, and control effectiveness.

**Privacy & Data Protection**
- Collaborate with the Data Protection Officer (DPO) to embed **PDPA**compliance across business units.
- Coordinate responses to internal audits and support the implementation of data privacy policies and breach protocols.
- Oversee data lifecycle management, consent capture processes, and third-party privacy due diligence.

**Strategic Projects & Vendor Oversight**
- Drive implementation of new cybersecurity solutions to strengthen risk management and compliance monitoring.
- Evaluate and approve security clauses in vendor agreements; manage the third-party risk assessment process.
- Contribute to the design of a long-term cybersecurity roadmap aligned with business and digital objectives.

**Who We’re Looking For**
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a closely related field.
- At least **5 years of experience**in cybersecurity, including operations, governance, and regulatory compliance.
- Familiarity with **PDPA**, **ISO 27001**, **NIST**, or similar regulatory and control frameworks.
- Experience with key cybersecurity platforms and tools, such as TrendMicro, phishing simulators, endpoint protection, and vulnerability management systems.
- Proven track record supporting audit processes, managing incidents, and preparing for security certifications.

EA Name: BuildBridge Partners Pte Ltd

EA License No: 25C2918

EA Reg No: R1551092

Khoo Yan Jie