Cybersecurity Lead

Key Responsibilities

1. SOC & Incident Response

• Lead Security Operations: Oversee the daily operations of the SOC, including

threat detection, incident response, vulnerability management, and threat intelligence.

• System Architecture: Design and optimize our security stack (SIEM, SOAR,

EDR, NDR) to ensure 24/7 visibility across cloud (AWS/Azure/Alibaba Cloud) and onpremise

environments.

• Incident Handling: Act as the primary lead for high-severity security incidents,

performing root cause analysis and implementing remediation strategies.

2. Security & Data Compliance

• Global Compliance: Lead the certification process and maintenance for ISO

27001, SOC2, and PCI-DSS.

• Data Privacy: Ensure regional operations comply with Singapore PDPA, EU

GDPR, and other local data protection regulations.

• China-Overseas Alignment: Coordinate with the China engineers to ensure

overseas operations where cross-border data transfer is involved.

• Audit Management: Manage internal and external security audits, acting as the

key point of contact for regulatory bodies in Singapore and other overseas

jurisdictions.

3. Governance & Strategy

• Vendor Management: Evaluate and manage third-party security service

providers and MSSPs.

• Risk Assessment: Conduct Regular Data Protection Impact Assessments

(DPIA) and security risk assessments for new product features and overseas market

expansions.

Required Qualifications

• Experience: Minimum 8–10 years in Information Security, with at least 3 years in

a leadership/lead role within a SOC environment.

• Regional Expertise: Proven experience working for Chinese technology

companies or MNCs with significant collaboration in China; deep understanding of

the cultural and regulatory nuances of "China Global" businesses.

• Technical Skills: * Hands-on experience with cloud security (AWS, Google

Cloud, or Alibaba Cloud).

￮ Familiarity with security tools like Splunk, Sentinel, or CrowdStrike.

• Compliance Knowledge: Expert-level understanding of PDPA and GDPR.

Experience with EO14117 is a major advantage.

• Education & Certifications: * Bachelor’s degree in Computer Science, Cyber

Security, or related field.

￮ Professional certifications: CISSP, CISM, CIPP/E, or CIPP/A.

• Languages: Fluency in English (Professional level) is essential to communicate

effectively across teams.

Hiring Manager's Note

The ideal candidate is not just a "firefighter" in the SOC, but a strategic thinker who understands that security is the foundation of trust in global expansion. You must be comfortable navigating the complexities of different regulatory regimes