Senior Information Security Manager (Changi)

About the role

We are seeking a responsible, detail-oriented Senior Information Security Manager to support security operations within a government / highly regulated environment. This role focuses on policy compliance, security operations, vulnerability management, and audit support, working closely with internal stakeholders, SOC teams, and operations teams. This is a 1 Year Project assignment under agency's payroll.

The successful candidate must be comfortable operating in structured, process-driven environments, handling sensitive systems, and adhering strictly to security governance, compliance, and audit requirements. Based in the Changi East Region, you will play a crucial part in ensuring the confidentiality, integrity and availability of our data and IT infrastructure.

What we offer: Up to 8K with performance bonus + Monthly HP Claim + Leave & Medical Claims + Group Insurance Coverage for the right candidate

Security Clearance : Cat 2 Level to be cleared before onboarding

What you'll be doing

Security Governance & Compliance

• Maintain and publish information security policies, procedures, standards, and guidelines in accordance with government security frameworks and regulatory requirements

• Assist in IT security audits, reviews, and compliance assessments

• Track audit findings and remediation actions to closure

• Serve as a point of contact for ICT security matters and provide advisory support to stakeholders

Security Operations & Incident Management

• Handle and investigate security incidents and alerts from:

  • Government Cyber Security Operations Centres (GCSOC / GICS)

  • Security monitoring platforms and devices

• Review and follow up on security events generated by SIEM tools such as Splunk, ArcSight, and others

• Assess, triage, and respond to reported phishing emails

• Escalate serious incidents, violations, and risks in accordance with incident response procedures

Vulnerability & Risk Management

• Perform and generate regular Vulnerability Assessment (VA) reports

• Assess and track vulnerabilities identified from:

  • Servers

  • Network infrastructure

  • Web applications

• Generate and follow up on baseline scans and system hardening compliance checks

• Work with stakeholders to implement risk mitigation and remediation measures

Identity, Access & Patch Management

• Compile and review access rights and privileged account reports

• Perform periodic user and infrastructure account / login reviews

• Track and assess security advisories from government sources and technology principals

• Manage patch management processes, ensuring patches are assessed, approved, and deployed within defined timelines in collaboration with Operations teams

Reporting & Stakeholder Engagement

• Prepare periodic security status reports for management and governance committees

• Highlight key security risks, trends, and compliance status

• Ensure security issues with potential impact are promptly escalated and addressed

 What we're looking for

• Dip/ Degree in IT or relevant discipline

• 3–5 years of hands-on experience in:

  • IT Security Operations

  • Vulnerability management

  • Incident handling

  • Security compliance in regulated environments

• Strong working knowledge of:

  • SIEM platforms (Splunk, ArcSight, or equivalent)

  • Vulnerability scanning and reporting

  • Patch management processes

  • Access control and account reviews

• Experience supporting security audits and compliance activities

• Familiarity with government security advisories, baseline standards, and hardening guides

• Bonus if you possessed Security certifications such as:

  • CISSP / CISM

  • CEH / Security+

  • GIAC (any track)

• Strong documentation, reporting, and stakeholder communication skills

• 24X7 Support standby required in this role.

• Willing to wait for Cat 2 clearance to be cleared before onboarding

If you are ready to take on this exciting challenge, we encourage you to apply now and join our team.

EA License No: 09C4235 I EA Reg: R1103307 (Hong Mei Lin)