Head, Authorisation Security(Singapore, Malaysia)

Job ID: 36810

Location: Singapore, SG

Area of interest: Technology

Job type: Regular Employee

Work style: Office Working

Opening date: 7 Aug 2025

**JOB SUMMARY**-
**Role Overview**:
**RESPONSIBILITIES**

**Strategy**
- Lead the end-to-end strategy and execution of the IAM Authorisation Security function, with a strong emphasis on access policy enforcement, privilege elevation, and role-based access control (RBAC).
- Operationalise authorisation security frameworks aligned with Zero Trust principles, ensuring scalable and consistent policy enforcement across hybrid and multi-cloud environments.
- Oversee the design, implementation, and continuous improvement of fine-grained access controls, including ABAC (Attribute-Based Access Control), PBAC (Policy-Based Access Control), and JIT (Just in Time) access.

**Business**
- Lead a team to design and operate products and workflows with user experience and service excellence in mind.
- Execute centralised controls and maintain oversight of decentralised controls across authorization security, and access governance.

**Processes**
- Own, execute and operate centralised controls for all IAM Authorisation Security Global Process Owner (GPO) responsibilities.
- Own the oversight and providing control effectiveness SME recommendations on solutions of decentralised controls for all IAM Authorisation Security Global Process Owner (GPO) responsibilities.
- Define and continuously improve end-to-end processes for:

- Access governance and lifecycle management
- Privileged Identities lifecycle management
- Standardise authorisation security onboarding playbooks across cloud, on-prem, and hybrid workloads.
- Implement ABAC (Attribute-Based Access Control), PBAC (Policy-Based Access Control), and JIT access
- Build reusable workflow templates and automation libraries for provisioning, deprovisioning, access requests, and recertifications into pipelines or workloads.
- Partner with Cyber Ops to define and operationalise incident management processes for authorisation bypass, or privileged escalation events
- Establish clear RACI models and documentation for authorisation security ownership, ensuring accountability across technology domains.

**Technology**
- Operate centralised Authorisation security solutions and technologies (e.g., SailPoint, ForgeRock, Ping Identity, Azure AD, AWS IAM, etc.).
- Lead a team of SMEs to drive the implementation of access control principles, including RBAC, ABAC, SoD, Just-In-Time (JIT) access, and policy enforcement points (PEPs).
- Lead the implementation of Authorisation security requirements in the following areas: Edge devices / ORB (Routers, Switches, FW, etc.), Platforms (Windows, Unix, VM), DB, APIs, AI agents, Applications, Endpoints, Devices, IoT, IaaS, PaaS, SaaS
- Implement access governance and provisioning solutions across enterprise, cloud, and hybrid infrastructures.
- Operate and drive the implementation of security principles in Access governance solutions, and Privileged Identity Access Management solutions.
- Ensure service resilience and SLA for centralised products are adhered to
- Ensure relevant KPIs and metrics are managed pro-actively and prompt actions are taken to correct course where downward trends are observed.

**People & Talent**
- Manage requirements and SLAs across senior technology leaders, business leaders, auditors, and risk functions to align IAM strategies with enterprise risk appetite.
- Translate complex IAM concepts into business-friendly language for non-technical stakeholders.
- Provide strong project and delivery leadership, with ability to prioritise and deliver IAM initiatives in alignment with cybersecurity roadmap and regulatory timelines.
- Lead, mentor, and grow a team of IAM security product owners and engineers, fostering a culture of technical excellence and continuous improvement.
- Foster a collaborative and high-performance team culture.
- Manage key vendor relationships related to IAM platforms, security tools, and managed services.
- Lead through example and build the appropriate conduct, culture and values. Set appropriate tone and expectations from their team and work in collaboration with risk and control partners.
- Employ, engage and retain high quality people, with succession planning for critical roles.

**Risk Management**
- Define KPIs and reporting metrics to measure control effectiveness for IAM Authorisation Security, maturity, and compliance with regulatory requirements (e.g., PRA, HKMA, MAS TRM, ISO 27001, NIST).
- Provide SME lead during internal and external audits from IAM Authorisation Security perspective and ensure resolution of Authorisation security related findings or control gaps.

**Governance**
- Implement, and maintain IAM authorisation security controls based on industry standards (NIST 800-63, NIST CSF, ISO 27001, CIS Controls, MITRE, etc.) and regulatory requirements (MAS, PRA, HKMA, GDPR, SOX, etc.).
- Ensure effective IAM Authorisation Security inp