Infrastructure Security Manager

Be among the first applicants.
China Taiping Insurance (Singapore) Pte. Ltd
Singapore
SGD 80,000 - 100,000
Be among the first applicants.
Yesterday
Job description

Bring out the best in our people to succeed.

You will play an important role in helping to achieve our vision.

We are looking for committed individuals to take up the challenge and join us in our mission to provide quality and professional services, implement stable and sound risk management, cultivate a harmonious & interactive corporate culture and contribute to society.

Responsible for identifying, assessing, managing, and mitigating IT-related risks that could impact the organization. This role involves working with cross-functional teams to ensure compliance with regulatory requirements, industry standards, and internal policies, while enhancing the organization’s overall IT risk management framework.

  • Develop, implement, and maintain the organization’s IT risk management framework and policies.
  • Identify and assess IT risks related to operations, data protection, and third-party vendors.
  • Establish and regularly update the IT risk register to ensure risks are documented and monitored.

Risk Assessment and Analysis

  • Conduct IT risk assessments, including impact and likelihood analysis.
  • Evaluate existing IT systems, processes, and projects for potential risks.
  • Develop key risk indicators (KRIs) to monitor and track IT risk trends.

Risk Mitigation and Controls

  • Design and recommend appropriate risk mitigation strategies and controls.
  • Collaborate with IT teams to ensure security controls are implemented and effective.

Compliance and Regulatory Requirements

  • Ensure IT practices comply with relevant regulations, such as MAS TRM.
  • Coordinate internal and external audits related to IT risk.

Vendor and Third-Party Risk Management

  • Assess risks associated with IT vendors and third-party services, including cloud providers.
  • Conduct periodic reviews of vendor security practices and contracts.

Collaborate with procurement teams to ensure vendors meet security and compliance standards.

Incident Management and Reporting

  • Support the IT and security team in managing cybersecurity incidents and breaches.
  • Conduct post-incident analysis to identify root causes and preventive measures.
  • Prepare and present regular risk reports to senior management and stakeholders.

Any other tasks assigned by the company.

Requirements:

  • Bachelor’s degree in information technology, Computer Science, Risk Management, or a related field.
  • Professional certifications such as CRISC, CISM, CISSP, or ISO 27001 Lead Auditor/Implementer are preferred.
  • Minimum 5–7 years of experience in IT risk management, cybersecurity, or a related field.
  • Knowledge of regulatory standards such as MAS TRM.
  • Strong knowledge of IT risk management frameworks and methodologies.
  • In-depth understanding of cybersecurity principles, IT controls, and regulatory requirements.
  • Proficiency in assessing and managing third-party/vendor risks.
  • Analytical thinking and the ability to assess complex IT environments.
  • Strong communication and presentation skills to interact with stakeholders at all levels.
  • Experience with IT risk management tools and technologies.
Get a free, confidential resume review.
Select file or drag and drop it
Avatar
Free online coaching
Improve your chances of getting that interview invitation!
Be the first to explore new Infrastructure Security Manager jobs in Singapore