Data Protection & Information Security Officer

Aprisium is a Singapore-based deep-tech startup delivering real-time, autonomous contamination monitoring solutions for water, wastewater, and industrial fluids. Our IoT-enabled analyzers and AI-driven analytics help industries detect pollutants at source, optimize processes, and improve both profitability and sustainability.

The Data Protection & Information Security Officer at Aprisium Pte Ltd will be responsible for overseeing the company’s data protection and information security initiatives. This includes ensuring compliance with data protection regulations (PDPA, GDPR) and ISO/IEC 27001 standards, managing security risks, and responding to security incidents. You will collaborate with cross-functional teams to implement security policies, conduct risk assessments, and drive security awareness across the organization.

• Data Protection (PDPA, GDPR, Privacy)
  • Maintain and update the Data Protection Management Programme (DPMP).
  • Ensure ongoing compliance with data protection laws and sectoral regulations.
  • Conduct data protection impact assessments (DPIA) and handle DSARs.
  • Act as the point of contact for regulators and data subjects.
  • Develop and enforce privacy-related policies and procedures.
  • Oversee breach management and incident notification processes.
  • Conduct regular training on personal data handling and acceptable use.
• Information Security (ISO27001)
  • Implement and maintain Aprisium’s Information Security Management System (ISMS).
  • Lead internal audits and support third-party audits (e.g., ISO27001 certification).
  • Maintain security policies, controls, and documentation.
  • Conduct risk assessments, threat modeling, and remediation.
  • Monitor vendor and third-party compliance with infosec requirements.
  • Drive employee awareness and security training programs.
  • Respond to security incidents and ensure post-incident reviews.

• Degree in Law, Information Security, Computer Science, or related discipline.
• Minimum 3–5 years of experience in data protection, cybersecurity, or governance roles.
• Strong understanding of PDPA, GDPR, ISO/IEC 27001, and cloud security principles.
• Experience managing both legal compliance and technical controls.
• Excellent communication and stakeholder management skills.
• Preferred certifications: CIPM, CIPP, CISSP, CISM, ISO27001 Lead Auditor.

• A mission-led, purpose-driven work environment focused on global sustainability.
• Direct influence over Aprisium’s security, privacy, and governance frameworks.
• Exposure to cutting-edge IoT, AI, and cloud technologies in a high-growth startup.
• Flexible hybrid work model with strong support for personal development.

Email your CV and cover letter to ****@aprisium.com with subject line: “Application – DPO/Infosec Officer”.