The Role
The Senior Manager, Cybersecurity Operations will lead cybersecurity governance, manage security infrastructure, oversee incident response, and enhance team capabilities. The role requires collaboration across IT and with third-party vendors to ensure effective security operations and compliance with regulations.
Summary Generated by Built In
Job Description
Governance, Risk & Compliance:
- Develop, maintain, and socialize cybersecurity control standards, and guidelines.
- Assist stakeholders on cybersecurity risk management program, including identification, assessment, treatment, and reporting of cyber risks.
- Drive implementation of cyber risk metrics and dashboards for executive and board-level reporting.
- Advise business and technology units on control design, residual risk, and exceptions.
Technology & Architecture:
- Manage and maintain the organisation's security infrastructure, ensuring optimal performance and availability.
- Evaluate and recommend new security technologies and tools to enhance security capabilities.
- Collaborate with IT teams on the implementation and integration of security solutions.
Team Leadership & Development:
- Lead, mentor, and develop a team of security analysts and engineers,fostering a collaborative and high performing environment.
- Lead efforts to advance the company's expertise in cybersecurity, setting a vision that inspires innovation and excellence.
- Assign tasks, set priorities, and monitor team performance to ensure efficient and effective security operations.
- Conduct regular team meetings, provide constructive feedback, and support the professional growth of team members.
- Contribute to recruitment and onboarding processes for new security operations personnel.
Awareness & Engagement:
- Collaborate effectively with other IT teams, business units, and external vendors on security-related matters.
- Communicate security risks and recommendations clearly and concisely to both technical and non-technical audiences.
Security Monitoring and Analysis:
- Oversee the continuous monitoring of security systems, including SIEM,intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR), and other security tools.
- Analyse security alerts and events to identify potential threats, vulnerabilities,and breaches.
- Develop and refine security monitoring rules, alerts, and dashboards to improve detection capabilities.
Incident Response and Remediation:
- Lead investigations into security incidents and coordinate containment, remediation, and root cause analysis.
- Conduct post-incident analysis to identify root causes and implement preventative measures.
- Continuously improve the organization's incident response capability and playbooks.
- Communicate effectively with stakeholders during security incidents, providing timely updates and recommendations.
Threat Intelligence:
- Stay abreast of the latest security threats, trends, and attack techniques.
- Utilise threat intelligence feeds to proactively identify potential risks and inform security monitoring and incident response efforts.
Management of 3rd Party SecOps team:
- Define specific security responsibilities, performance metrics (KPIs), and service level agreements (SLAs) upfront. This ensures both parties understand the scope of work, expected outcomes, and accountability.
- Foster regular and transparent communication channels. Schedule consistent meetings, share relevant threat intelligence, and encourage collaborative problem-solving to ensure seamless integration and responsiveness.
- Establish clear processes for monitoring performance, conducting audits, and verifying compliance against agreed-upon standards and regulations.
- Regular reviews and feedback mechanisms are crucial for continuous improvement and risk mitigation.
Requirements
- Bachelor's or Master's degree in Information Security, IT, Computer Science, or related field.
- Cyber Security related qualifications such as CISA, CISSP, CISM, CRISC, GIAC will be an advantage.
- Minimum 5 to 8 years of Cybersecurity operations working experience
- Well verse in Security Standards such ISO27001 and NIST etc.
- Good understanding of IT Governance, Project Management and Methodologies
- Good understand of various regulation/laws related to cybersecurity such as Cybersecurity Act 2018 (and CCoP 2.0), Singapore's Personal Data Protection Act (PDPA)
- Well verse in MITRE ATT&CK & D3FEND framework
- Technical hands-on expertise and well verse in Security related products Firewalls, IDS/IPS, EDR,
- IAM, PAM, VMS, WAF, SIEM and PKI are preferred
- Familiarity with financial services or critical infrastructure regulatory environments is an advantage.
Top Skills
Endpoint Detection And Response (Edr)
Firewalls
Identity And Access Management (Iam)
Intrusion Detection And Prevention Systems (Ids/Ips)
Privileged Access Management (Pam)
Public Key Infrastructure (Pki)
Security Information And Event Management (Siem)
Vulnerability Management Systems (Vms)
Web Application Firewalls (Waf)
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Singapore Post (SingPost) is a leading postal and eCommerce logistics provider in Asia Pacific. The portfolio of businesses spans from national and international postal services to warehousing and fulfilment, international freight forwarding and last mile delivery, serving customers in more than 220 global destinations. Headquartered in Singapore, SingPost has over 4,900 employees, with offices in 13 markets worldwide. Since its inception in 1858, the Group has evolved and innovated to bring about best-in-class integrated logistics solutions and services, making every delivery count for people and planet
