Associate Director, Information Security (Red Team)

Aryan Solutions Pte Ltd

  • Singapore
  • $120,000 per year
  • Permanent
  • Full-time
  • 13 days ago
ryan Solutions is an ISO 9001:2015 (QM), ISO 27001:2013 (IEC) and IEC 15504 (SPICE) Certified IT Consulting, Outsourcing & Staffing Company that specializes in providing IT Consulting, Technology Services, Staffing, Managed Services, Search to Local and Multi-national Companies within APAC, SEA, India & Australia who are leaders in Financial Services, Hedge funds, Asset Management, Telecommunication, Information Technology, Manufacturing, and Government & Public Sector.The RoleYou will be responsible for :
  • Generating IT budget in conjunction with other stake holders.
  • Managing overall IT operations ranging from infrastructure to application.
  • Managing day-to-day stakeholder interaction, identifying needs and evaluating solutions.
  • Working with other internal stakeholders as well as third party vendors to ensure solutions are in line with current & future business requirements.
Ideal ProfileMake an Impact by
  • Develop and maintain strong partnerships with business leaders and technology owners to understand their needs and requirements related to security advisories. Support the business and serve as a subject matter expert on information security and cybersecurity matters. Gain ongoing commitment from senior leadership and other stakeholders to support the successful implementation of the information security strategy.
  • Provide independent oversight of the cybersecurity risk management process and ensure that the Business Unit performs risk assessments and remediates the identified risks per the defined process.
  • Strong analytical skills with the ability to collect and analyze significant amounts of information. Capable of summarising and presenting analysis from significant amounts of information to constructively drive actions and decisions. Conduct security risk assessment and business impact analysis and develop a security risk treatment plan.
  • Analyse organizational and operational environment, such as assess & document threats, and determine system protection needs. Collaborate with stakeholders for risk management, mitigation, and remediation measures.
  • Point of contact to assist and advise Line-of-Business for cybersecurity-related matters. Strong interpersonal and communication skills with the ability to interact with technical SMEs and business stakeholders and present to senior management stakeholders.
  • Participate in and/or oversee the risk identification, risk assessment, and risk treatment process; the vulnerability assessment and threat analysis process.
  • Define and monitor management and operational metrics for the information security program. Report on information security key risk indicators (KRIs), including noncompliance and changes in information risk, to key stakeholders to facilitate the risk management decision-making process.
  • Partner with GCR Group Governance & Compliance to enforce, rollout, and implement new security policies, standards, guidelines, and awareness programs across the Group. Participate in the Change Approval Board (CAB) for the BU to support governance over technology and security changes.
  • Partner Group Risk Management (GRM) Internal Audit (IA) and other risk functions to support risk management efforts and reviews. Partner with Legal and Procurement to review 3rd Party contracts to ensure security requirements are adequately covered to protect Singtel Group’s interest.
Skills for Success
  • Diploma/Degree or higher in Computer Science / Information Systems / Cyber Security or related discipline, or equivalent work experience
  • At least 8 to 12 years of experience in information security and/or cybersecurity in telco/techno or Critical Information Infrastructure (CII) sectors
  • Strong knowledge in information security, cybersecurity, and privacy protection, information security management systems – requirements, and information security controls such as CIS Critical Security Controls, ISO/IEC 27001 and 27002, NIST Cybersecurity Framework, etc
  • Strong knowledge in domains such as security and risk management, communication and network security, asset security, identity and access management (IAM), security architecture and engineering, security assessment and testing, and software development security, cloud concepts architecture & design, cloud data security, cloud platform & infrastructure security, cloud application security
  • Good understanding of the Cybersecurity Act in Singapore, Cybersecurity Code of Practice (CCoP) for CII, Personal Data Protection Act (PDPA), MAS Technology Risk Management (TRM) Guidelines, etc
  • Professional certifications such as Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or Certified Information Systems Security Professional (CISSP) preferred
  • Experience with BitSight, CIS SecureSuite tools, Immuniweb, Archer, JIRA, BWise, Prevalent AI, etc
  • Strong leadership skills with the ability to lead and influence cross-functional teams without direct authority
  • Excellent communication and interpersonal skills with the ability to work collaboratively with cross-functional teams
  • Ability to think strategically and solve complex problems
  • Strong project management skills, with the ability to manage multiple projects simultaneously and deliver results on time and within budget
  • Good report writing (both management and operation team focused) skills
  • Good presentation skills
Rewards that Go Beyond
  • Hybrid work arrangements
  • Full suite of health and wellness benefits
  • Ongoing training and development programs
  • Internal mobility opportunities
What's on Offer?
  • Work within a company with a solid track record of success
  • Join a well known brand within IT Infrastructure / Blockchain / Cloud Computing
  • Excellent career development opportunities

Aryan Solutions Pte Ltd