INFORMATION SECURITY MANAGER
HORIZON DIGITAL MEDIA PTE. LTD.
7 days ago
Posted date7 days ago
N/A
Minimum levelN/A
Key Responsibilities
Define and execute the organization's information security roadmap, aligning with business goals and regulatory standards.
Architect, implement, and enforce security frameworks, ensuring protection of data, networks, and enterprise applications.
Lead, mentor, and manage a team of security engineers/analysts, setting priorities and guiding technical excellence.
Conduct enterprise-wide risk assessments, oversee vulnerability testing, penetration assessments, and manage incident handling.
Drive compliance initiatives across standards and regulations (ISO 27001, NIST, SOC 2, GDPR, PCI-DSS, HIPAA).
Partner with IT, DevOps, and application teams to integrate security into system architecture and software delivery pipelines.
Supervise SOC functions including monitoring, threat hunting, alert triage, and escalation procedures.
Define key metrics and security dashboards to report risks, incidents, and posture improvements to executive leadership.
Evaluate and implement cutting-edge security solutions to enhance detection, prevention, and response capabilities.
Promote a strong security-first culture through awareness sessions, training programs, and internal campaigns.
Core Technical Expertise (Tough Skills)
Cybersecurity & Risk Management: Expertise in risk frameworks, threat modeling, BCP/DR planning, and structured incident management.
Security Tools & Infrastructure: Hands-on experience with SIEM (Splunk, QRadar, ELK), IDS/IPS, EDR/XDR, IAM/PAM solutions, DLP, WAF, CASB, and firewalls.
Cloud Security: Skilled in securing AWS, Azure, and GCP environments - covering IAM, KMS, CSPM, and workload hardening.
Application & Network Security: Strong background in secure SDLC, DevSecOps, vulnerability scanning, penetration testing (Nessus, Burp Suite, Qualys, Metasploit).
Cryptography & Data Protection: Proficient in PKI, SSL/TLS, encryption, tokenization, data masking, and key lifecycle management.
Governance, Risk & Compliance (GRC): Knowledge of ISO 27001, SOC 2, NIST CSF, COBIT, GDPR, PCI-DSS, HIPAA standards.
Incident Response & Forensics: Capable of managing SIEM alerts, coordinating forensics investigations, malware analysis, and breach response.
Automation & Scripting: Familiar with Python, PowerShell, and Bash for security automation, log parsing, and custom tooling.
Nice to Have
Professional certifications such as CISSP, CISM, CISA, CEH, OSCP, CCSP, or ISO 27001 Lead Auditor/Implementer.
Experience building Zero Trust models and securing containerized workloads (Docker, Kubernetes).
Knowledge of SOAR platforms and threat intelligence integrations.
Define and execute the organization's information security roadmap, aligning with business goals and regulatory standards.
Architect, implement, and enforce security frameworks, ensuring protection of data, networks, and enterprise applications.
Lead, mentor, and manage a team of security engineers/analysts, setting priorities and guiding technical excellence.
Conduct enterprise-wide risk assessments, oversee vulnerability testing, penetration assessments, and manage incident handling.
Drive compliance initiatives across standards and regulations (ISO 27001, NIST, SOC 2, GDPR, PCI-DSS, HIPAA).
Partner with IT, DevOps, and application teams to integrate security into system architecture and software delivery pipelines.
Supervise SOC functions including monitoring, threat hunting, alert triage, and escalation procedures.
Define key metrics and security dashboards to report risks, incidents, and posture improvements to executive leadership.
Evaluate and implement cutting-edge security solutions to enhance detection, prevention, and response capabilities.
Promote a strong security-first culture through awareness sessions, training programs, and internal campaigns.
Core Technical Expertise (Tough Skills)
Cybersecurity & Risk Management: Expertise in risk frameworks, threat modeling, BCP/DR planning, and structured incident management.
Security Tools & Infrastructure: Hands-on experience with SIEM (Splunk, QRadar, ELK), IDS/IPS, EDR/XDR, IAM/PAM solutions, DLP, WAF, CASB, and firewalls.
Cloud Security: Skilled in securing AWS, Azure, and GCP environments - covering IAM, KMS, CSPM, and workload hardening.
Application & Network Security: Strong background in secure SDLC, DevSecOps, vulnerability scanning, penetration testing (Nessus, Burp Suite, Qualys, Metasploit).
Cryptography & Data Protection: Proficient in PKI, SSL/TLS, encryption, tokenization, data masking, and key lifecycle management.
Governance, Risk & Compliance (GRC): Knowledge of ISO 27001, SOC 2, NIST CSF, COBIT, GDPR, PCI-DSS, HIPAA standards.
Incident Response & Forensics: Capable of managing SIEM alerts, coordinating forensics investigations, malware analysis, and breach response.
Automation & Scripting: Familiar with Python, PowerShell, and Bash for security automation, log parsing, and custom tooling.
Nice to Have
Professional certifications such as CISSP, CISM, CISA, CEH, OSCP, CCSP, or ISO 27001 Lead Auditor/Implementer.
Experience building Zero Trust models and securing containerized workloads (Docker, Kubernetes).
Knowledge of SOAR platforms and threat intelligence integrations.
JOB SUMMARY
INFORMATION SECURITY MANAGER
HORIZON DIGITAL MEDIA PTE. LTD.
Singapore
7 days ago
N/A
Contract / Freelance / Self-employed
INFORMATION SECURITY MANAGER