Job Description
Key Responsibilities
Oversights in Technical Assessments and Recommendations
Conduct meticulous and comprehensive technical assessments of security controls, leaving no stone unturned in identifying critical gaps and providing strategic recommendations.
Perform technical information security risk assessments on business applications throughout the development lifecycle, including SDLC, Agile, and Iterative methodologies.
Identify and report significant information security issues and gaps, providing technical-level recommendations for risk mitigation.
Act as the Subject Matter Expertise in Application Development Lifecycle:
Provides expert advice in assessing security requirements and controls throughout the application development lifecycle.
Ensure strategic planning and implementation of security controls to enhance development lifecycle security.
Driving Strategic Improvements in Information Security:
Drive improvement initiatives to enhance information security processes, standards, and policies.
Advocate for the promotion of information security best practices, ensuring alignment with relevant regulations and frameworks.
Strategic Stakeholder Engagement and Collaboration
Collaborate with domain architects, project managers, and IT subject matter experts to foster a collective security culture.
Raise awareness of the organizations information security policies, standards, and best practices among stakeholders.
Interface with Risk, Internal Audit, External Audit, and regulatory bodies during audits to provide support and facilitate smooth audit processes.
Ensure stakeholders understand their strategic roles and responsibilities concerning information security, fostering a culture of accountability.
Job Requirement
Experience
Minimum of 7+ years of progressive experience in Information Security, Audit, or Risk Management roles, with significant exposure in financial services or similarly regulated industries.
Good command of Information Security control areas including Authentication/Authorization, Access Controls, Entitlement, Cryptography, Encryption, Network, Application/System Security, and Key Management. In-depth knowledge of Vulnerability Management frameworks (OWASP, SANS) is essential.
Proficiency in SDLC, Agile/Iterative, DevOps/DevSecOps methodologies, and their integration with comprehensive security assessments.
Demonstrated understanding and application of the Singapore regulatory framework, local laws concerning information security, technology risk, and data protection (e.g., MAS TRM, PDPC PDPA).
Strong familiarity with global standards such as ISO-27001, NIST CSF, MITRE ATT&CK, and their practical application.
Expertise in API Security and Cloud Security architectures, particularly in AWS or Azure environments.
Exceptional written and verbal communication skills, with a proven ability to influence and negotiate effectively. Keen attention to detail with strong problem-solving and analytical abilities.
Demonstrated capability to lead and mentor teams, with a track record of driving strategic initiatives independently.
Education
University degree in Information Security, Computer Science, Engineering, or a related field. Advanced degrees and relevant certifications are preferred.
Certification
Relevant Information Security Industry qualifications / certifications such as CISSP, CISM, CISA, relevant SANS certifications, Cloud certifications (AWS/Azure), or equivalent industry-recognized qualifications are mandatory.
About SinglifeSinglife is the regions fastest scaling technology company that focuses on holistic financial well-being. Singlife is also the first independent life insurance company licensed by the Monetary Authority of Singapore since
- As a testament to the strength of Singlife's strong capital base and governance, it successfully acquired Zurich Life Singapores business portfolio and achieved more than SGD6.6 billion in life insurance coverage. Singlife is on a mission to change the way people look at growing their wealth and ensuring a financially-secured retirement. To attain this vision, Singlife builds itself as an efficient company seamlessly integrating cutting-edge technology capabilities via a swathe of consumer-centric products so as to enable our customers to live their best lives with complete protection.Our Mission- A connected financial experienceAt Singlife, our mission is to unlock the potential of money for you. We are building a connected financial experience by leveraging smart technologies to make insurance digital and mobile-first.What we OfferAccessibility- View policy information through your mobile device, tablet, or desktop.Affordability- Get better coverage at a much friendlier price.Convenience- Sign up online and get covered in minutes.Transparency- Customise coverage and policy features and receive real-time quotations.
