Responsibilities:
Strategic Leadership & Governance
- Define and implement the enterprise-wide Information Security Strategy in alignment with business goals and regulatory requirements.
- Serve as the primary advisor on all cybersecurity and risk matters.
- Lead the development, approval, and implementation of information security policies, procedures, and standards, and ensure adherence to them.
Risk Management & Compliance
- Lead Information Security Risk Assessments across internal and external domains, including third-party/vendor risks.
- Design and oversee a formal Information Security Risk Management Plan, regularly reporting risk metrics and mitigation.
- Ensure compliance with relevant regulatory, industry, and internal standards (e.g., MAS TRM Guidelines, ISO 27001).
- Conduct periodic audits and reviews of cybersecurity controls and frameworks.
Operational Excellence & Metrics
- Manage the IT Infrastructure and Information Security Budget efficiently, ensuring Cost Variance (CV) is minimized.
- Establish performance metrics such as:
  - Cost Efficiency of IT Security investments
  - System Uptime vs. Downtime (Availability)
  - Incident Volume, Resolution Time, Aging Reports
  - Vendor SLA Performance and operational KPIs
- Develop business cases and ROI justifications for information security initiatives and technologies.
Cybersecurity Initiatives & Incident Response
- Oversee the implementation and continuous improvement of Cybersecurity Programs, ensuring proactive threat detection, response, and mitigation.
- Monitor and report on security posture through metrics such as:
  - Number of breaches avoided
  - Time to detect and respond to incidents
  - Compliance level with cybersecurity standards
- Lead security incident response efforts, coordinating cross-functional support and communication.
Technology & Innovation
- Evaluate emerging cybersecurity technologies, practices, and innovations aligned with company IT direction.
- Ensure security assurance for all strategic IT initiatives by identifying suitable controls and countermeasures.
- Drive continuous improvement and maximize business value from IT Security investments through innovation and scalability.
Key Deliverables
- Annual Information Security Strategy and Risk Report
- Quarterly Risk Assessments and Executive Dashboards
- Cybersecurity Initiative Effectiveness Metrics
- Cost Variance and Budget Utilization Reports
- IT Security KPIs and SLA Performance Reviews
Any other ad-hoc duties as assigned by supervisor.
Requirement
- Minimum 8-10 years of experience in Information Security leadership, with at least 5 years in an IT Security Management, CISO, or equivalent role.
- Proven track record of managing cybersecurity programs, risk frameworks, and compliance in financial services or regulated industries.
- Professional certifications such as CISSP, CISM, CISA, CRISC, CCSP, or equivalent are highly preferred.
- Strong understanding of regulatory frameworks, enterprise risk management, and cybersecurity standards.
- Demonstrated experience in budget planning, project management, and strategic execution.
Interested applicants, please email your resume to Andre Chua Jing Ming
Email: andrechua@recruitexpress.com.sg
CEI Reg No: R1989053
EA Licence No: 99C4599
Recruit Express Pte Ltd