Senior Analyst, Vulnerability & Cyber Risk Management

Posted 6 Days Ago
Be an Early Applicant
Singapore, SGP
In-Office
Senior level
Gaming • Retail • Travel • Hospitality
The Role
Lead and mature enterprise vulnerability and cyber risk programs across on‑prem, cloud, hybrid, and OT environments. Design risk‑based prioritization, remediation workflows, governance, and metrics. Build automation, APIs, event‑driven workflows, dashboards, and data models to drive measurable risk reduction and audit‑ready evidence. Partner with stakeholders to define controls, compensating controls, and risk acceptance processes.
Summary Generated by Built In

WE TAKE YOU ABOVE BEYOND

Take your passion to the next level and work alongside other masters of their craft to build a fulfilling and rewarding career at Marina Bay Sands.

Job Responsibilities

Vulnerability Management

  • Operate and mature the enterprise vulnerability management program across on‑premises, hybrid, cloud, and OT environments, defining governance, accountability models, and end‑to‑end processes that are scalable, auditable, and resilient to personnel change.
  • Lead the modernization of vulnerability detection and analysis by advancing from traditional scanning approaches toward agent‑enabled and AI‑assisted techniques, while maintaining effective coverage in legacy and operationally constrained environments.
  • Design and institutionalize risk‑based prioritization and remediation workflows that integrate technical severity, exploitability, threat intelligence, asset criticality, exposure, and business impact, with clear escalation and exception paths.
  • Partner with infrastructure, cloud, application, and OT stakeholders to define baseline security and hardening expectations, remediation standards, and validated compensating controls aligned to operational realities and jurisdictional requirements.
  • Establish durable metrics, reporting, and evidence standards that demonstrate coverage, remediation performance, aging exposure, and measurable risk reduction to support governance, audits, and executive decision making.

Cyber Risk Management

  • Operate and evolve the cyber risk management framework, including methodology, governance, documentation, and decision criteria, enabling consistent, defensible, and repeatable risk outcomes across systems and jurisdictions.
  • Overhaul and standardize the risk exception and risk acceptance process, defining approval authorities, time‑bound renewals, closure evidence requirements, and alignment to global security expectations and local regulatory obligations.
  • Review and assess proposed remediations and compensating controls to determine whether they sufficiently address documented cyber risks, evaluating control design, scope, and effectiveness against the stated risk scenario, and providing clear sufficiency assessments and recommendations to support senior leadership decisions.
  • Define and validate compensating control strategies where remediation is not feasible, ensuring controls are appropriate to the risk, measurable in effectiveness, clearly owned, and time‑bound.
  • Maintain decision‑ready risk artifacts such as risk registers, treatment plans, exception records, and assessment outputs, with clear lifecycle management and accountability.

Automation Engineering and Process Improvement

  • Design, build, and continuously improve scalable automation and workflow systems that underpin vulnerability management and cyber risk management, ensuring processes are durable, auditable, and independent of individual contributors or specific tools.
  • Engineer automated intake, enrichment, prioritization, tracking, validation, and closure workflows for vulnerabilities and risks using APIs, data correlation, and event‑driven logic to minimize manual effort and operational friction.
  • Develop risk‑ and vulnerability‑focused data models that correlate findings, asset context, exploitability signals, threat intelligence, ownership, and business impact into actionable, priority‑driven work queues.
  • Build and maintain (both within existing technology and aggregated across technologies) metrics, dashboards, and reporting pipelines that measure coverage, remediation velocity, SLA adherence, exposure windows, and realized risk reduction, producing evidence suitable for audits and governance reviews.
  • Drive continuous improvement through process retrospectives, root cause analysis, control effectiveness reviews, and refinement of automation, documentation, and operating models.

Job Requirements

Education and Certification

  • Degree or diploma in cyber security, information technology, computer science, engineering, or a related discipline; OR
  • Two years of hands‑on cyber security experience in the domains listed below, in addition to the experience requirements

Experience

  • Four to eight years of experience across vulnerability management and cyber risk management, including hands‑on ownership of program operations and stakeholder outcomes
  • Demonstrated experience modernizing security programs through process redesign, automation engineering, and measurement

Additional experience in one or more of the following is strongly preferred:

  • Cyber governance, risk, verification, or compliance
  • Security validation, control testing, penetration testing intake, or remediation coordination
  • Security architecture and compensating control design
  • Policy development, audit management, standards development, or control framework mapping
  • Design and implementation of automation for security engineering and security operations

Other Prerequisites

  • Strong understanding of cyber security risk concepts, including inherent risk, residual risk, risk acceptance, control effectiveness, and treatment options
  • Strong understanding of vulnerability management across traditional on‑premises infrastructure, endpoints, network devices, identity systems, cloud IaaS and PaaS services, and OT environments
  • Strong process design and engineering skills, including SOP creation, RACI definition, workflow design, evidence standards, metrics, reporting, and continuous improvement
  • Working knowledge of application of risk and vulnerability prioritization approaches that integrate severity, exploitability, threat intelligence, known exploitation, asset criticality, exposure, and business context
  • Working knowledge of enterprise operational functions such as change management, patching lifecycles, configuration management, incident response, investigation triage, and production stability constraints

Marina Bay Sands is committed to building a diverse, equitable and inclusive workforce, providing equal opportunities as we grow our talent base to match our growth ambitions in Singapore. Our employees are committed to adhere to and abide by all rules, regulations, policies and procedures, including the rules of conduct and business ethics of the Company.

Skills Required

  • Degree or diploma in cyber security, information technology, computer science, engineering, or related discipline
  • Or two years of hands‑on cyber security experience in the domains listed (as alternative to degree)
  • Four to eight years of experience across vulnerability management and cyber risk management, with hands‑on ownership of program operations
  • Demonstrated experience modernizing security programs via process redesign, automation engineering, and measurement
  • Strong understanding of cyber security risk concepts (inherent/residual risk, risk acceptance, control effectiveness)
  • Strong understanding of vulnerability management across on‑prem infrastructure, endpoints, network devices, identity systems, cloud IaaS/PaaS, and OT
  • Strong process design and engineering skills (SOP creation, RACI, workflow design, evidence standards, metrics, reporting)
  • Working knowledge of risk and vulnerability prioritization approaches that integrate severity, exploitability, threat intelligence, asset criticality, exposure, and business context
  • Working knowledge of enterprise operational functions (change management, patching lifecycles, configuration management, incident response, production stability constraints)
  • Experience in cyber governance, risk, verification, or compliance
  • Experience with security validation, control testing, penetration testing intake, or remediation coordination
  • Security architecture and compensating control design experience
  • Policy development, audit management, standards development, or control framework mapping experience
  • Design and implementation of automation for security engineering or security operations
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
12,000 Employees
Year Founded: 2005

What We Do

Marina Bay Sands Pte. Ltd. is a leading integrated resort in Singapore combining luxury hotels, convention and exhibition facilities, a casino, dining, retail and entertainment venues. It operates three hotel towers topped by a skypark and offers extensive MICE (meetings, incentives, conferences, exhibitions) services, retail and attractions across the region and is a globally recognized brand.

Similar Jobs

Datadog Logo Datadog

Operations Analyst

Artificial Intelligence • Cloud • Security • Software • Cybersecurity
Easy Apply
Hybrid
Singapore, SGP
6500 Employees

Citadel Securities Logo Citadel Securities

Quantitative Researcher

Information Technology • Software • Financial Services • Quantitative Trading
In-Office or Remote
2 Locations
1900 Employees

Citadel Securities Logo Citadel Securities

Machine Learning Researcher - PhD Graduate (Asia)

Information Technology • Software • Financial Services • Quantitative Trading
In-Office or Remote
2 Locations
1900 Employees

Citadel Securities Logo Citadel Securities

Quantitative Researcher

Information Technology • Software • Financial Services • Quantitative Trading
In-Office or Remote
2 Locations
1900 Employees

Similar Companies Hiring

Scotch Thumbnail
Artificial Intelligence • eCommerce • Fintech • Payments • Retail • Software • Analytics
US
35 Employees
Fairly Even Thumbnail
Hardware • Robotics • Sales • Software • Hospitality
New York, NY
30 Employees
Golden Pet Brands Thumbnail
Digital Media • eCommerce • Information Technology • Marketing Tech • Pet • Retail • Social Media
El Segundo, California
178 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account