Seeking an experienced Information & Cyber Security Engineer to strengthen a centralized technology function and accelerate secure cloud adoption across a regional operations footprint. The role focuses on cybersecurity risk assessment, cloud security, thirdparty assurance, and governance in a regulated environment of a financial and banking environment.

Mandatory Skill(s)

• Must have at least 5+ years’ experience in information security, risk management, or cybersecurity roles;
• Must have minimum 2+ years’ hands on experience securing public, private, and hybrid cloud environments;
• Strong grasp of threat modelling, risk assessment methodologies, and risk mitigation approaches;
• Knowledge of security governance and standards (e.g., ISO 27001, MAS TRM / local regulator frameworks, NIST, CCM);
• Demonstrated experience performing: IT security risk assessments, vendor/thirdparty security due diligence, and tech obsolescence reviews;
• Familiarity with cloud security frameworks, cybersecurity tools, and risk governance;
• Prior experience in banking, asset management, or other heavily regulated sectors;
• Proven ability to influence senior stakeholders and drive security improvements endtoend.

Desirable Skill(s)

• Certifications :CISSP, CISM, CRISC, CEH, CCSP, or relevant certifications from – ISC2, ISACA, SANS, Microsoft, AWS, CISCO;
• Proven ability to influence senior stakeholders and drive security improvements endtoend;
• Motivated self-starter with leadership skills and the ability to work independently;
• Familiarity with security monitoring tools and automation/digitization of workflows;
• Strong analytical skills and a pragmatic approach to remediations and controls.

Responsibilities

• Plan and carry out comprehensive IT security risk assessments across applications, infrastructure and cloud services;
• Lead security due diligence for thirdparty service providers, including onsite assessments where required;
• Identify and manage risks arising from technology obsolescence and platform endoflife scenarios;
• Advise technology and business teams as a trusted subject matter expert on security and risk decisions;
• Provide guidance and oversight to regional/subsidiary security teams to ensure consistent risk management practices;
• Maintain and enhance security checklists, guidelines, and governance artefacts;
• Drive process improvements, automation and digitization to streamline risk management workflows;
• Produce regular risk reports and track remediation actions; keep abreast of emerging threats and security trends.

If you are interested in this role, click on the “Apply to this job” button below or you could also write in with your CV to Arwin Kaur at arwin.k@sciente.com quoting the job title.