Senior Manager, IT Operations & Cybersecurity

The National Volunteer & Philanthropy Centre (NVPC) is the steward of the City of Good vision for Singapore, where individuals, organisations, and leaders come together to give their best for others. Through our brands, programmes, and initiatives, we facilitate partnerships with non-profits, organisations, public sector bodies, and individuals to enliven the giving ecosystem within Singapore. We invite you to join us in building a #CityofGood together.

Senior Manager, IT Operations & Cybersecurity

You will lead and manage NVPC's IT operations, infrastructure, end-user computing, and cybersecurity functions, ensuring secure, reliable, and efficient technology services that support business continuity, and safeguard digital assets in alignment with the organisation's strategic objectives.

The scope of work spans across 3 broad areas:

• Lead and mentor a cross-functional team covering IT operations, infrastructure, EUC, and cybersecurity.
• Develop, maintain and execute IT operations and cybersecurity strategies and plans aligned with organisational goals.
• Drive continuous improvement in processes and service delivery, system reliability, and security posture (e.g. using frameworks like ITIL).

• Lead or support the formulation, implementation and enforcement of progressive cybersecurity policies, standards, and controls to ensure continuous and relevant protection of organizational ICT assets.
• Develop and perform regular corporate security awareness and training programs to NVPC staff to minimize the impact of potential security threats.
• Lead and oversee threat detection, vulnerability management, penetration testing, and risk assessment, and ensure timely remediation.
• Implement monitoring and respond to security incidents and vulnerabilities.
• Ensure compliance with regulatory and organisational security requirements.

• Ensure efficient operations of IT server and network infrastructure, including incident and problem management, system monitoring, and service desk performance meet the required service level.
• Oversee systems monitoring, backups, storage, job scheduling, and systems management reporting
• Track and maintain inventory for IT equipment, licenses, software, and related items in their designated area.
• Standardise and improve IT operations for enhanced efficiency and scalability.
• Lead the Incident Response Team for major IT and security incidents, ensuring rapid containment and resolution.

• Bachelor's degree in Information Technology, Computer Science, Information Systems, or a related discipline. Relevant professional certifications such as CISSP, CISM, CEH, OSCP will be advantageous.
• At least 6-8 years of relevant experience in IT cybersecurity management, incident response, vulnerability management, Governance, Risk and Compliance (GRC).
• Experience and knowledgeable in security frameworks such as ISO27001, NIST cybersecurity framework, Zero Trust framework, CIS hardening.
• Strong understanding of core security domains including infrastructure security, network security, application security, and Governance, Risk and Compliance (GRC), and ICT security risk management methodologies and risk evaluation techniques
• Knowledge of cloud and security technologies (such as SIEM, encryption standards, firewall, cryptography, identity and access management), and frameworks (such as MITRE ATT&CK framework), and security domains (such as network security, cloud security and application security).
• Experience working with and managing third-party vendors and service providers.
• Strategic and results-oriented leader with strong problem-solving capabilities, able to balance technical responsibilities with effective team leadership and coordination.
• Excellent communication and interpersonal skills, with demonstrated experience in vendor and project management to ensure collaboration and alignment across stakeholders.
• Ablilty to articulate cybersecurity risks, mitigation measures and residual risks orally and in writing to stakeholders, in an easily understood and actionable manner.
• Detail-oriented and self-motivated professional with a proactive mindset, adaptable to emerging technologies, and committed to maintaining high standards in documentation and execution.