Chief Information Security Officer - APAC

SCOR SERVICES ASIA-PACIFIC PTE. LTD.

Singapore

On-site

SGD 150,000 - 200,000

Full time

Yesterday

Job summary

A leading global security firm seeks a Regional Chief Information Security Officer (CISO) for the APAC region. This pivotal role entails governing the implementation of security policies across multiple countries while ensuring compliance with local regulations and global standards. The successful candidate will have over 10 years in cybersecurity, including leadership experience, and hold relevant certifications such as CISSP. This position is crucial for bridging global security initiatives and regional execution in Singapore.

Qualifications

  • 10+ years in cybersecurity, including 5 years in a leadership role across different countries.
  • Strong understanding of APAC regulatory frameworks (e.g., MAS TRM, IRDAI).
  • Knowledge of ISO 27001, NIST CSF and ability to lead cross-functional teams.

Responsibilities

  • Govern and implement Group security policies across APAC.
  • Coordinate with Local CISO and other regional leaders.
  • Facilitate regulatory compliance and manage risk assessments.

Skills

Cybersecurity expertise
Stakeholder influence
Risk management
Regulatory compliance knowledge

Education

Bachelor's degree in Information Security or related field
CISSP certification
Job description
Job Summary

The Regional CISO - APAC serves as the primary security leader for the APAC region, reporting to the Group CISO and with a cross-functional reporting line to the APAC CIO. This role is responsible for governing and overseeing the implementation of Group security policies and programs across APAC, ensuring adherence to global standards while meeting local regulatory obligations. The Regional CISO will govern the five security domains at the regional level, facilitate regulatory compliance, streamline reporting into the Group CISO governance framework, and coordinate with local security leaders, including the Local CISO in India. Additionally, the role ensures readiness for audits, regulatory reviews, and incident response, acting as a trusted advisor to regional leadership on cybersecurity risk and resilience.

Context

The Group Information Security function is dedicated to protecting the organization’s information assets through a unified, risk-based approach to cybersecurity. The function operates across five core domains: Security Governance, Security Architecture, Operations Security, Identity & Access Management (IAM), and Data Protection & Privacy. Each domain is managed centrally by specialized teams under the Group CISO, ensuring global consistency and compliance. Regional CISOs play a critical role in extending this governance model to their respective geographies, ensuring alignment with Group standards while addressing local regulatory and business requirements. They act as the bridge between global strategy and regional execution, enabling effective risk management and regulatory compliance.

Key duties and responsibilities
Security Governance & Strategic Alignment
  • Act as the regional ambassador for Group Information Security policies, standards, and frameworks.
  • Govern locally the core security domains managed centrally by the Group CISO teams.
  • Ensure consistent implementation of security programs across APAC entities and sites.
  • Facilitate the adoption of Group and regulatory requirements, policies, and controls.
  • Streamline reporting into the Group CISO centralized governance and reporting framework.
Regional Oversight & Coordination
  • Oversee and coordinate with the Local CISO in India, ensuring alignment with Group standards and collecting consolidated reporting.
  • Facilitate the rollout of global security initiatives and projects within the region.
  • Support regional business units in security-related decision-making and risk management.
Operational Security Governance
  • Oversee governance of security operations in APAC.
  • Ensure BCP/DR plan coverage and alignment with Group.
  • Track implementation of security awareness programs adapted to APAC cultural and regulatory contexts.
Compliance & Regulatory Engagement
  • Maintain a regulatory watch for APAC jurisdictions (e.g., MAS, IRDAI, CBIRC, APRA).
  • Facilitate internal and external audits, regulatory questionnaires, and ensure timely remediation of findings.
  • Prepare and coordinate responses for local and regional regulatory inquiries and inspections.
  • Ensure timely coordination with the group incident manager and CISO for reporting of critical incidents to regulators as required by local laws.
Risk Management & Third-Party Security
  • Facilitate regional risk assessments and integrate results into the Group risk framework.
  • Oversee the integration of third-party security risk management for vendors operating in APAC.
  • Support secure architecture reviews for regional projects.
Reporting & Communication
  • Support the security team in the implementation of regional security KPIs, risk dashboards, and compliance status and reporting to the Group CISO.
  • Provide regular updates to APAC leadership on security posture and risk exposure.
  • Represent APAC in global security working groups and forums.
Required experience & competencies
  • 10+ years in cybersecurity, with at least 5 years in a leadership role covering multiple geographies.
  • Strong understanding of APAC regulatory frameworks (e.g., MAS TRM, IRDAI, CBIRC, APRA CPS 234).
  • CISSP, CISM, or equivalent; knowledge of ISO 27001, NIST CSF.
  • Ability to influence stakeholders and manage cross-functional teams in a matrix organization.
Required Education
  • Bachelor's degree in Information Security, Computer Science, or a related field.
  • Professional certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer/Auditor are highly desirable.