About the Role
We are seeking a visionary and hands-on Head of Security Engineering/Architecture to step up into a CISO role with a leading bank in Singapore.
The role includes information security strategy, governance, and technology risk management. This is a pivotal role to ensure that our security posture not only meets compliance requirements but also enables innovation, scalability, and resilience.
In addition to governance and policy, the CISO will drive the development of security engineering capabilities and oversee security architecture design to safeguard the bank's digital platforms, infrastructure, and customer data.
Key Responsibilities
- Security Governance & Compliance
  - Establish, implement, and maintain a robust Information Security Management System (ISMS) tailored for the bank, aligned with MAS and international standards.
  - Develop and enforce security policies, procedures, standards, and guidelines in collaboration with HQ and regional stakeholders.
- Technology Risk Management
  - Develop a comprehensive technology risk strategy, including continuous identification, assessment, and mitigation of IT and cyber risks (internal and third-party).
  - Lead risk assessments across applications, infrastructure, and cloud environments.
- Security Engineering & Architecture
  - Define and drive the security architecture roadmap, ensuring secure design principles are embedded in systems, applications, and infrastructure.
  - Build and mature security engineering functions to support secure software development (DevSecOps), vulnerability management, and threat modeling.
  - Oversee design and implementation of advanced security controls (e.g., IAM, encryption, network segmentation, cloud security).
- Leadership & Reporting
  - Provide strategic guidance to the Board, senior management, and regulators on emerging threats, compliance status, and security posture.
  - Lead incident response planning and coordinate security operations in collaboration with relevant teams.
Qualifications
- Bachelor's or Master's degree in Computer Science, Engineering, Cybersecurity, or related field.
- 10+ years of progressive experience in information security, cyber risk, or technology risk management in the financial services industry.
- Proven expertise in security architecture, security engineering, and regulatory compliance (preferably MAS TRM and related frameworks).
- Strong understanding of technology and data architecture, cloud security, and modern banking platforms.
- Certifications preferred: CISSP, CISM, CISA, CRISC, or equivalent.
- Excellent communication skills in English and Mandarin (for international and HQ collaboration).
- Strong leadership skills; self-driven, detail-oriented, and resilient under pressure.