We are seeking an experienced Cybersecurity (Assurance) Manager to lead the evaluation and remediation of vulnerabilities across our IT systems.
This role will focus on strengthening key cybersecurity domains, proactively addressing emerging threats, and ensuring robust protective measures are in place.
The ideal candidate will stay ahead of the rapidly evolving threat landscape and continuously assess new and emerging technologies that are critical to maintaining the security and resilience of our business operations.
Mandatory Skill(s)
- Degree in Information Technology, Information Systems, Computer Science;
- Must have more than 7 years of experience in Technology Risk Managment, Information or Cybersecurity Risk management, and / or Information Security within Financial Services Industry; 3 years in a lead capacity;
- Strong exposure to Information Technology Risk Management assessment, processes, framework, policies and standards;
- Must have experience in leading vulnerability management or security architecture review activities;
- Must have experience with regulatory requirements as MAS Technology Risk Management (TRM) and MAS Cyber Hygiene,
- Must be familiar with cloud technologies and services, and the required cloud security and risk management framework and controls;
- Familiar with statutory requirements as CSA and PDPA, and security standards as CIS, NIST, OWASP and TOGAF;
- Demonstrates exceptional integrity, initiative, and resilience, with the ability to maintain focus and drive in high-pressure environments;
- Strong research, analytical, and critical thinking skills, with the capacity to perform in-depth contextual analysis to inform decision-making;
- Excellent communication and interpersonal abilities, with the capability to effectively collaborate across teams and clearly articulate technical findings.
Desirable Skill(s)
- Professional certifications such as CISSP and/or CCSP, CISM, CISA. Cloud related certifications.
Responsibilities
- Lead the vulnerability management program with a strong focus on application and cloud environments, including continuous scanning for misconfigurations and vulnerabilities, coordinating application-layer penetration testing, managing responsible disclosure processes, and driving secure code assessments;
- Oversee the offensive security program tailored to cloud-native and distributed systems, including simulated attacks (e.g., red teaming), breach and attack simulations, cloud-focused cyber range exercises, and incident response drills to test the resilience of applications and cloud infrastructure;
- Conduct risk assessments for vulnerabilities discovered in applications and cloud platforms, evaluate their potential business impact, assess control effectiveness, and develop and oversee remediation or mitigation plans;
- Serve as a Security Architect, advising on secure design patterns, reviewing architecture, and containerized workloads, and ensuring alignment with cloud security frameworks;
- Stay ahead of emerging threats in cloud and application landscapes by tracking new attack vectors, zero-day exploits, regulatory developments, and recommending updates to tooling, controls, and architecture to strengthen security posture;
- Collaborate closely with DevOps, SRE, and product engineering teams to embed security into CI/CD pipelines, implement automated security testing, and enforce policies for secure software development and deployment practices across hybrid and multi-cloud environments;
- Develop, maintain, and continuously improve security policies, standards, and procedures, ensuring they are actionable, current, and aligned with industry benchmarks and compliance mandates;
- Provide executive-level visibility through dashboards and reports on security risk posture, vulnerability trends, and outcomes of offensive security activities, enabling data-driven decisions and proactive risk management.
If you are interested in this role, click on the “Apply to this job” button below or you could also write in with your CV to Muh Wen Chua at wyman.chua@sciente.com quoting the job title.
