Cybersecurity Manager

Job Summary

We are seeking a Cybersecurity Manager to lead security engineering, security operations, and technology risk functions, someone to drive cybersecurity resilience, governance, operations, engineering, and testing across both on-premises and major cloud platforms.

Mandatory Skill-set

• Degree in Computer Science, Information Systems, Engineering, or related tech field
• Must have more than 12 years in information security with 5+ years leading multi-disciplinary teams across security engineering, operations, and GRC
• Proven ability to manage cybersecurity risks across enterprise IT, cloud platforms, and large-scale digital systems
• Must have strong knowledge of security governance frameworks, including MAS TRM, HKMA, PDPA, GDPR, ISO 27001, SOC 2, PCI-DSS
• Must have strong expertise in risk assessment methodologies (e.g., TVRA) and translating technical vulnerabilities into business risk
• Deep understanding of Zero Trust Architecture (ZTA) and modern cybersecurity technologies such as Firewalls, EDR, IAM, SIEM, CSPM, CWPP, CASB, and secrets management
• Ability to map defensive controls to the MITRE ATT&CK framework, with solid understanding of offensive security concepts and threat actor TTPs
• Strong analytical and critical thinking skills to identify systemic security issues and drive continuous improvement
• Excellent stakeholder management, communication, and presentation skills, with the ability to influence senior leadership.

Desired Skill-set

• Relevant certifications (CISSP, CISM, CISA, GSEC).

Responsibilities

• Drive the organisation's overall cybersecurity architecture & engineering strategy, policies, and governance
• Lead security architecture, IAM, application security, data protection, and detection engineering across cloud and enterprise environments
• Oversee security operations, including MDR, threat intelligence, vulnerability management, incident response, and red/purple team exercises
• Drive cybersecurity governance, risk, and compliance, ensuring adherence to regulatory and industry standards (MAS TRM, HKMA, PDPA, GDPR, ISO 27001, SOC 2, PCI-DSS)
• Provide strategic and technical guidance on secure architecture, security technologies, and DevSecOps practices
• Lead incident response planning, conduct exercises, and manage real-world cyber incidents
• Champion secure-by-design principles across systems and product development
• Define and execute the security roadmap, manage security investments and vendors, and report cyber risks and metrics to leadership
• Build and maintain cybersecurity awareness and training programs across the organizations.

Should you be interested in this career opportunity, please send in your updated resume to [Confidential Information] at the earliest.
When you apply, you voluntarily consent to the disclosure, collection and use of your personal data for employment/recruitment and related purposes in accordance with the SCIENTE Group Privacy Policy, a copy of which is published at SCIENTE's website

(https://www.sciente.com/privacy-policy).

Confidentiality is assured, and only shortlisted candidates will be notified for interviews.

EA Licence No. 07C5639