Chief Information Security Officer

We are seeking a Chief Information Security Officer for Singtel Digital InfraCo. The CISO will be the subject matter expert for security of Singtel’s Digital InfraCo offerings that encompass software platforms, AI cloud, data centers, satellites and sub‑sea cables. The candidate will liaise with Singtel’s global customers to position the strength of the cyber security posture of Singtel’s Digital InfraCo products. The candidate will also be the trusted advisor to global customers for security best practices including but not limited to CIS, OWASP, ISO 27001/27002/27017/27018, GDPR, HIPAA, PCI DSS and SOC.

• Monitor and improve the security posture of Digital InfraCo products architecture and deployment design.
• As the security subject matter expert, take responsibility in defining the security posture of all global customer deployments.
• Have a deep understanding of the security posture of typical three tier enterprise application architecture, infrastructure security and network security to advise end to end security solution covering networks, applications and infrastructure security for customer deployments on 5G/4G/SDWAN/MPLS/Public Cloud/MEC.
• Have a good understanding of public cloud and private cloud security aspects including but not limited to web application firewalls, virtual firewall, anti‑DDoS, deep packet inspection etc.
• Take responsibility on Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the Digital InfraCo products infrastructure, data, systems, and networks.
• Assist in technical design reviews, integration, testing, and documentation work related to cyber and infrastructure security
• Be a part of incident response team to handle cyber incidents and contribute to change management process to address security aspects
• Perform cyber threat surveillance, research and analysis to monitor the latest trends and developments in cyber attacks, assess the risks and implications to the customer Enterprise platform deployments, and participate in initiatives to strengthen cyber situational awareness and resilience of the Digital InfraCo products infrastructure.
• Gather and analyse cyber threat information and intelligence from various sources to derive insights on the latest attack tactics, techniques and procedures (TTPs), attack trends and patterns, as well as threat actors’ profiles
• Disseminate relevant information to stakeholders to provide early‑warning on impending cyber threats to Prepare technical reports on the analyses and recommendations, including strategies to address the attendant risks posed by the observed threats
• Be the primary security SPOC for all global customers including but not limited to Telcos, Governments, large and small enterprises.
• Proactively hunting for threats and enabling incident management life cycle while supporting recovery efforts.
• Provide insightful knowledge and guidance to the colleagues engaged in prevention measures.
• Develop hypothesis, techniques and execute hunts to identify threats across the environment.
• Maintain collaborations with the security teams and business stakeholders to implement countermeasures and improve defences.
• Active participation and involvement in group discussion and provide with current updates on emerging threats and cyber related risks.
• Proactively coordinate with immediate stakeholders - technical and business stakeholders and manage internal and external partnerships during a security incident.

You embrace failure for the learning it provides. You can inspire and motivate others to deliver your vision. You view obstacles as puzzles to be solved. You are driven by the desire to delight your ultimate client, the customer.

• A degree in Computer Science, IT, Systems Engineering, or related qualification.
• At least 15 years of work experience with incident detection, incident response, and forensics.
• Strong knowledge of cyber security controls, regulations, processes and standards, such as NIST cybersecurity, IM8 and CIS
• Good understanding of security standards including but not limited to CIS, OWASP, ISO 27001/27002/27017/27018, GDPR, HIPAA, PCI DSS and SOC
• Knowledge in Firewalls (functionality and maintenance), Virtualization security, System security both Linux, Windows and Endpoint Security, SIEM, WAF, IPS/IDS, Cloud Security, transport layer security, encryption at rest, zero trust architecture and defence in depth principles.
• Relevant certifications in cyber security, e.g. CISSP, CISM, SANS-SEC511, SANS-FOR578, SANS-FOR610 etc., preferred • Effective communicator who thrives under pressure.
• Highly analytical and able to work independently
• Ability to work under pressure in a fast‑paced environment.
• Strong attention to detail with an analytical mind and outstanding problem‑solving skills.
• Great awareness of cybersecurity trends and hacking techniques