We are seeking a Cybersecurity Manager to lead security engineering, security operations, and technology risk functions, someone to drive cybersecurity resilience, governance, operations, engineering, and testing across both on-premises and major cloud platforms.
Mandatory Skill(s)
- Degree in Computer Science, Information Systems, Engineering, or related tech field;
- Must have more than 12 years in information security with 5+ years leading multi-disciplinary teams across security engineering, operations, and GRC;
- Proven ability to manage cybersecurity risks across enterprise IT, cloud platforms, and large-scale digital systems;
- Must have strong knowledge of security governance frameworks, including MAS TRM, HKMA, PDPA, GDPR, ISO 27001, SOC 2, PCI-DSS;
- Must have strong expertise in risk assessment methodologies (e.g., TVRA) and translating technical vulnerabilities into business risk;
- Deep understanding of Zero Trust Architecture (ZTA) and modern cybersecurity technologies such as Firewalls, EDR, IAM, SIEM, CSPM, CWPP, CASB, and secrets management;
- Ability to map defensive controls to the MITRE ATT&CK framework, with solid understanding of offensive security concepts and threat actor TTPs;
- Strong analytical and critical thinking skills to identify systemic security issues and drive continuous improvement;
- Excellent stakeholder management, communication, and presentation skills, with the ability to influence senior leadership.
Desirable Skill(s)
- Relevant certifications (CISSP, CISM, CISA, GSEC).
Responsibilities
- Drive the organisation’s overall cybersecurity architecture & engineering strategy, policies, and governance;
- Lead security architecture, IAM, application security, data protection, and detection engineering across cloud and enterprise environments;
- Oversee security operations, including MDR, threat intelligence, vulnerability management, incident response, and red/purple team exercises;
- Drive cybersecurity governance, risk, and compliance, ensuring adherence to regulatory and industry standards (MAS TRM, HKMA, PDPA, GDPR, ISO 27001, SOC 2, PCI-DSS);
- Provide strategic and technical guidance on secure architecture, security technologies, and DevSecOps practices;
- Lead incident response planning, conduct exercises, and manage real-world cyber incidents;
- Champion secure-by-design principles across systems and product development;
- Define and execute the security roadmap, manage security investments and vendors, and report cyber risks and metrics to leadership;
- Build and maintain cybersecurity awareness and training programs across the organizations.
If you are interested in this role, click on the “Apply to this job” button below or you could also write in with your CV to Cecilia Chong at cecilia@sciente.com quoting the job title.
