Regional Business, Cybersecurity Risk and Compliance Manager

Location: Singapore, Singapore

Thales is a global technology leader trusted by governments, institutions, and enterprises to tackle their most demanding challenges. From quantum applications and artificial intelligence to cybersecurity and 6G innovation, our solutions empower critical decisions rooted in human intelligence. Operating at the forefront of aerospace and space, cybersecurity and digital identity, we’re driven by a mission to build a future we can all trust.

In Singapore, Thales has been a trusted partner since 1973, originally focused on aerospace activities in the Asia-Pacific region. With 2,000 employees across three local sites, we deliver cutting-edge solutions across aerospace (including air traffic management), defence and security, and digital identity and cybersecurity sectors. Together, we’re shaping the future by enabling customers to make pivotal decisions that safeguard communities and power progress.

Job Summary:

We are seeking an experienced Cybersecurity Risk and Compliance professional to lead and oversee Business security governance across Thales DIS Asia’s Business, Manufacturing, R&D, and outsourced operations. The role focuses on ensuring compliance with ISO27001 and other relevant standards, managing security risks, and implementing GRC tools and processes.

Responsibilities:

• Lead Business Security Governance & Oversight for Asia operations, ensuring alignment with corporate policies and regulatory standards.
• Implement and maintain site security operation processes across personnel, physical, IT, and production environments.
• Ensure ISO27001 compliance and support other certifications (e.g., PCI-CP CC/EMVCo, GSM-SAS).
• Act as Subject Matter Expert (SME) for security-related queries, risk mitigation strategies, certifications and upkeep of ongoing security & regulatory requirements
• Conduct risk assessments, audits, and support accreditation efforts across internal and outsourced activities.
• Develop and maintain the Security Management System (SMS) and ensure KPI compliance.
• Collaborate with business leaders to deploy security frameworks and controls.
• Lead investigations into security incidents and provide actionable reports.
• Monitor and advise on cloud security, including AWS, Azure, GCP, Kubernetes, serverless, and data protection practices.
• Utilize GRC tools and security dashboards (e.g., Splunk, Grafana, Kibana, Power BI) to manage and report on security posture.
• Any other special projects as specified, as and when required.
• Travel within Asia (20–30%) to support regional security operations.

Requirements:

• Bachelor’s degree in IT or related field.
• Minimum 8 years of experience in IT Security or Audit.
• Certifications preferred: CISSP, CISA, CISM.
• Strong knowledge of IT and OT security, cloud security, and data protection.
• Experience with security incident investigation, policy development, and audit planning.
• Familiarity with ISO27001, industry standards, and GRC platforms.
• Excellent communication, analytical, and problem-solving skills.
• Ability to work independently and collaboratively across teams.

At Thales, we’re committed to fostering a workplace where respect, trust, collaboration, and passion drive everything we do. Here, you’ll feel empowered to bring your best self, thrive in a supportive culture, and love the work you do. Join us, and be part of a team reimagining technology to create solutions that truly make a difference – for a safer, greener, and more inclusive world.