Business Information Security Lead

eFinancialCareers

Singapore

On-site

SGD 120,000 - 180,000

Full time

12 days ago

Job summary

A leading company in the Financial Services industry is seeking a Business Information Security Officer to oversee the protection of sensitive information and manage compliance with security regulations. The ideal candidate will have significant experience in security management, risk assessment, and policy development, along with strong leadership and communication skills. This role offers a chance to impact security strategies and foster a culture of awareness within the organization.

Qualifications

  • 8+ years in information security management.
  • Strong understanding of security principles and compliance regulations.
  • Excellent communication and leadership skills.

Responsibilities

  • Develop and implement information security policies.
  • Conduct risk assessments and manage incident responses.
  • Ensure compliance with security regulations and standards.

Skills

Communication
Leadership
Risk Management
Incident Response
Security Compliance

Education

Bachelor's degree in computer science, information technology, or a related field
Advanced degree or relevant certifications (e.g., CISSP, CISM, CISA, GIAC)

Tools

Firewalls
Intrusion Detection Systems
SIEM solutions
Vulnerability Management Tools

Job description

I am working with my client on an exclusive partnership to hire a BISO to join their dynamic Security team.

As the Business Information Security Officer (BISO), you will play a crucial role in safeguarding the organization's sensitive information and ensuring compliance with relevant regulations and standards. You will oversee all aspects of information security within the company, including policy development, risk assessment, security awareness training, incident response, and regulatory compliance.

Key Responsibilities:
  1. Develop and Implement Information Security Policies: Design, implement, and maintain comprehensive information security policies, procedures, and guidelines to protect the organization's data assets.
  2. Risk Management: Conduct regular risk assessments to identify potential vulnerabilities and threats to the organization's information systems. Develop and implement strategies to mitigate identified risks effectively.
  3. Security Awareness Training: Design and deliver security awareness training programs to educate employees about their roles and responsibilities in maintaining information security. Foster a culture of security awareness throughout the organization.
  4. Incident Response: Establish and maintain an incident response plan to effectively respond to and manage security incidents and breaches. Lead incident response efforts, including investigation, containment, and recovery.
  5. Compliance Management: Ensure compliance with relevant information security regulations, standards, and frameworks, such as MAS TRM and the Cyber Hygiene notice. Monitor changes in regulations and update policies and procedures accordingly.
  6. Vendor Risk Management: Evaluate the security posture of third-party vendors and partners and ensure that appropriate security measures are in place to protect the organization's data when working with external parties.
  7. Security Audits and Assessments: Coordinate and oversee internal and external security audits and assessments. Collaborate with auditors to address any identified vulnerabilities or deficiencies.
  8. Security Incident Reporting: Prepare and present regular reports on the organization's information security posture, including incident trends, compliance status, and remediation efforts, to senior management and relevant stakeholders.
  9. Security Governance: Establish and chair a security governance committee to provide oversight and guidance on information security initiatives and ensure alignment with business objectives.
  10. Security Technology Evaluation: Evaluate new and emerging security technologies and tools to enhance the organization's security posture. Make recommendations for the adoption of appropriate technologies based on risk assessments and business needs.

Qualifications:
  • Bachelor's degree in computer science, information technology, or a related field. Advanced degree or relevant certifications (e.g., CISSP, CISM, CISA, GIAC) preferred.
  • At least 8 years of proven experience in information security management, including policy development, risk assessment, incident response, and compliance management within the Financial Services industry.
  • Strong understanding of information security principles, standards, and best practices.
  • Excellent communication and interpersonal skills, with the ability to effectively communicate complex technical concepts to non-technical stakeholders.
  • Strong leadership and project management skills, with the ability to lead cross-functional teams and drive initiatives to completion.
  • Knowledge of relevant regulations and compliance requirements, such as MAS TRM and Cyber Hygiene notice.
  • Experience with security technologies and tools, such as firewalls, intrusion detection systems, SIEM solutions, and vulnerability management tools.


If you are passionate about information security and have the skills and experience to excel in this role, we would love to hear from you!