IT Security Lead (MNC, CBD, Salary Up to $7,000)

• Position: IT Security Lead
• Well Established General Insurance Company
• Working Hours: 8 Hours Per Day, 5 Days Work Week
• Salary (commensurate with experience): Up to $7,000
• Working Location: Raffles Place
• Duration: Permanent
• Industry: Insurance

Strategic Leadership & Governance

• Define and implement the enterprise-wide Information Security Strategy in alignment with organisation’s business goals and regulatory requirements.
• Serve as the primary advisor to the CITO and executive leadership on all cybersecurity and risk matters.
• Lead the development, approval, implementation, and adherence of information security policies, procedures, and standards.
• Ensure business units understand and adhere to the organization's security objectives and practices.

• Lead comprehensive Information Security Risk Assessments across internal and external domains, including third‑party/vendor risks.
• Design and oversee a formal Information Security Risk Management Plan, regularly reporting risk metrics and mitigation effectiveness.
• Ensure continuous compliance with relevant regulatory, industry, and internal standards (e.g., MAS TRM Guidelines, ISO 27001).
• Conduct periodic audits and reviews of cybersecurity controls and frameworks.

• Manage the IT Infrastructure and Information Security Budget efficiently, ensuring Cost Variance (CV) is minimized.
• Establish performance metrics such as:

1. Cost Efficiency of IT Security investments
2. System Uptime vs. Downtime (Availability)
3. Incident Volume, Resolution Time, Aging Reports
4. Vendor SLA Performance and operational KPIs

• Develop business cases and ROI justifications for information security initiatives and technologies.

• Oversee the implementation and continuous improvement of Cybersecurity Programs, ensuring proactive threat detection, response, and mitigation.
• Monitor and report on security posture through metrics such as:

1. Number of breaches avoided
2. Time to detect and respond to incidents
3. Compliance level with cybersecurity standards

• Lead security incident response efforts, coordinating cross‑functional support and communication.

• Evaluate emerging cybersecurity technologies, practices, and innovations aligned with organisation’s strategic IT direction.
• Ensure security assurance for all strategic IT initiatives by identifying suitable controls and countermeasures.
• Drive continuous improvement and maximize business value from IT Security investments through innovation and scalability.

• Bachelor’s or Master’s degree in Computer Science, Information Security, Information Technology, or a related field.
• Minimum 8-10 years of experience in Information Security leadership, with at least 5 years in IT Security Management or CISO or equivalent role.
• Proven track record of managing cybersecurity programs, risk frameworks, and compliance in financial services or regulated industries.
• Strong understanding of regulatory frameworks, enterprise risk management, and cybersecurity standards.
• Executive presence and ability to communicate complex technical issues to non‑technical stakeholders.
• Strong leadership, influence, and team‑building skills across multidisciplinary teams.
• Demonstrated experience in budget planning, project management, and strategic execution.

Email to: eugenie.cheah@ascension-sg.com for more information.

***We do not charge our candidates any referral fee nor bind them with any contract. ***

Eugenie Cheah

Consulting Manager

Reg no.: R24122293

EA No: 25C2861