Job Title: Cybersecurity Specialist, Global Cybersecurity
Works closely with and have impact on All HSO Functions
Reports to: Senior Manager, Global Cybersecurity
Function: Global IT, Global Cybersecurity
Work Location/Site: GHQ, Singapore
Role Overview
The Cybersecurity Specialist is responsible for the hands-on implementation, configuration, and operational management of cybersecurity technologies across endpoint, cloud, and network environments.
The role focuses on executing and enforcing security controls, managing and optimising security platforms, supporting incident response, and continuously improving the organisation's operational security posture.
Working closely with the reporting officer (RO) and Corporate IT (CIT), this role operationalises defined cybersecurity frameworks, standards, and strategies into implementable technical controls, ensuring consistent deployment, integration, and enforcement across systems and platforms.
The role is also accountable for ensuring the effectiveness, reliability, and continuous improvement of implemented security controls across the environment.
Duties and Responsibilities
- Lead the implementation, configuration, and lifecycle management of cybersecurity platforms (EDR, NDR, WAF, firewalls, vulnerability management), including continuous tuning, optimisation, and obsolescence/EOL management
- Drive security hardening initiatives across endpoints and cloud platforms (e.g. Windows, Azure), including defining, deploying, and maintaining security baselines and policies
- Own and execute the global rollout and onboarding of security solutions, ensuring consistency, scalability, and operational effectiveness across environments
- Translate cybersecurity frameworks (NIST CSF, CIS) into actionable and enforceable technical controls, driving adoption and measurable effectiveness across systems
- Support and lead investigation and response to security incidents, including deep-dive analysis, threat investigation, and end-to-end remediation
- Coordinate and drive incident response efforts with SOC/CIT teams, ensuring timely escalation, alignment, and resolution
- Own vulnerability management lifecycle, from identification and prioritisation to remediation tracking and validation of risk closure
- Take accountability for resolution of security issues end-to-end, ensuring risks are effectively mitigated and lessons learned are embedded into operations
- Continuously enhance security operations by proactively tuning detection rules, improving monitoring capabilities, and strengthening overall security posture
- Drive and support cybersecurity initiatives (e.g. DLP, data classification, tool enhancements), ensuring successful implementation and integration into operations
- Develop and own operational reporting on incidents, risks, and security posture, providing actionable insights for management decision-making
- Act as a security partner to infrastructure, network, and application teams, proactively advising and driving the implementation of security controls aligned with organisational objectives
Requirements
Experience
- Minimum 8–10 years of IT experience (Infrastructure, Network, or Security), with at least 5 years of hands-on cybersecurity engineering experience across endpoint, network, and cloud environments
- Proven ability to work independently and drive implementation of cybersecurity controls end-to-end, while collaborating effectively with cross-functional stakeholders
Skills/Accreditations
- Working knowledge of security frameworks (NIST CSF, CIS) and their practical implementation
- Hands-on experience with Microsoft Azure security (identity, network, workload protection)
- Experience in incident response and security operations (detection, investigation, remediation)
- Strong skills in log analysis, threat investigation, and forensic evidence handling
- Proficiency in scripting/automation (e.g. PowerShell)
- Exposure to DevSecOps practices is advantageous
- Strong communication skills to articulate security risks and controls to diverse stakeholders
Academic Qualifications
- Bachelor's Degree or Diploma in Cybersecurity, Information Security, Computer Science, or a related discipline
- Relevant cybersecurity certifications such as CISSP, Microsoft Certified: Azure Security Engineer Associate (AZ-500), or equivalent are advantageous. Certifications in cloud security, platform security, and cybersecurity engineering (e.g. CCSP, Microsoft SC-100) are a plus.
