Cybersecurity Manager

Job Summary

We are seeking a Cybersecurity Manager to lead security engineering, security operations, and technology risk functions, someone to drive cybersecurity resilience, governance, operations, engineering, and testing across both on-premises and major cloud platforms.

Mandatory Skill-set

• Degree in Computer Science, Information Systems, Engineering, or related tech field;
• Must have more than 12 years in information security with 5+ years leading multi-disciplinary teams across security engineering, operations, and GRC;
• Proven ability to manage cybersecurity risks across enterprise IT, cloud platforms, and large-scale digital systems;
• Must have strong knowledge of security governance frameworks, including MAS TRM, HKMA, PDPA, GDPR, ISO 27001, SOC 2, PCI-DSS;
• Must have strong expertise in risk assessment methodologies (e.g., TVRA) and translating technical vulnerabilities into business risk;
• Deep understanding of Zero Trust Architecture (ZTA) and modern cybersecurity technologies such as Firewalls, EDR, IAM, SIEM, CSPM, CWPP, CASB, and secrets management;
• Ability to map defensive controls to the MITRE ATT&CK framework, with solid understanding of offensive security concepts and threat actor TTPs;
• Strong analytical and critical thinking skills to identify systemic security issues and drive continuous improvement;
• Excellent stakeholder management, communication, and presentation skills, with the ability to influence senior leadership.

Desired Skill-set

• Relevant certifications (CISSP, CISM, CISA, GSEC).

Responsibilities

• Drive the organisation's overall cybersecurity architecture & engineering strategy, policies, and governance;
• Lead security architecture, IAM, application security, data protection, and detection engineering across cloud and enterprise environments;
• Oversee security operations, including MDR, threat intelligence, vulnerability management, incident response, and red/purple team exercises;
• Drive cybersecurity governance, risk, and compliance, ensuring adherence to regulatory and industry standards (MAS TRM, HKMA, PDPA, GDPR, ISO 27001, SOC 2, PCI-DSS);
• Provide strategic and technical guidance on secure architecture, security technologies, and DevSecOps practices;
• Lead incident response planning, conduct exercises, and manage real-world cyber incidents;
• Champion secure-by-design principles across systems and product development;
• Define and execute the security roadmap, manage security investments and vendors, and report cyber risks and metrics to leadership;
• Build and maintain cybersecurity awareness and training programs across the organizations.

Should you be interested in this career opportunity, please send in your updated resume to [Confidential Information] at the earliest.

When you apply, you voluntarily consent to the disclosure, collection and use of your personal data for employment/recruitment and related purposes in accordance with the SCIENTE Group Privacy Policy, a copy of which is published at SCIENTE's website (https://www.sciente.com/privacy-policy).

Confidentiality is assured, and only shortlisted candidates will be notified for interviews.

EA Licence No. 07C5639