EFG International

Information Security & BCM Head (Asia)

10-12 Years
  • Posted 17 days ago

Job Description

General Info

  • Department: Global CISO
  • Work time Percentage: 100%
  • Location: Singapore ideally or Hong Kong

Our Company

EFG International is a global private banking group, offering private banking and asset management services. We serve clients in over 40 locations worldwide. EFG International offers a stimulating and dynamic work environment and strives to be an employer of choice.

EFG is committed to providing an equitable and inclusive working environment that is founded on the principle of mutual respect. Joining our team means experiencing a supportive environment, where your contributions are valued and recognised. We strongly believe that the diversity of our teams gives us a competitive advantage by fostering better decision-making and greater innovation.

Our Purpose and Mission

Empowering entrepreneurial minds to create value – today and for the future.

We are a private bank, offering personalised solutions on a global scale to private and institutional clients. Our sustainable success is based on our talents and on how we partner with our clients and communities to create lasting value.

Job Description

EFG's Information Security and BCM team, led by the Group CISO, sets and coordinates global information security strategy, initiatives, and standards across EFG International. The team conducts security risk assessments, manages vulnerability and threat programs, and owns security awareness and training. It safeguards EFG's infrastructure, applications, and data against breaches, malware, third‑party risks, and cyber-attacks. Additionally, it strengthens the bank's defence through robust Business Continuity Management, supporting operational resilience and coordinated incident response.

The Information Security & BCM Head Asia reports to the Regional COO with a functional line to the Group CISO, and will (i) identify regional risks, threats, and vulnerabilities across the SG and HK branches; (ii) address gaps against local laws, regulations, and industry practices; (iii) develop and tailor information security controls to the region's risks, adapt policies and procedures to local culture and laws, and facilitate Group strategic initiatives; and (iv) ensure adherence to global Business Continuity Management policies while adopting BCM best practices per local regulatory requirements.

Main Responsibilities

Strategy, governance, and leadership

  • Support and implement EFG's information security strategy and programs, ensuring alignment with local business objectives.
  • Provide regional leadership on information security across SG and HK; serve as the Singapore and Hong Kong Information Security Officer.
  • Manage information security programs directed by Head Office and act as the primary contact for regulatory inquiries, reviews, and inspections.
  • Stay current on regulatory changes and industry trends; perform gap analyses on regulatory papers, circulars, and directives, and recommend improvements.

Risk management, compliance, and audit

  • Identify, evaluate, and manage regional information security risks and vulnerabilities; ensure preventative actions close risk gaps.
  • Conduct regular security assessments and audits to ensure compliance with internal, regulatory, and industry requirements; ensure timely closure of audit items.
  • Develop and maintain local security policies, procedures, and standards aligned with Head Office and regulators.
  • Collaborate on Operational Resilience and Business Continuity (BCP); act as local BCM referent ensuring internal and external requirements (e.g., HKMA OR-2) are met.

Incident management and monitoring

  • Lead and coordinate incident response locally and regionally in close collaboration with the Head Office CISRT, including investigation, root cause analysis, and treatment plans.
  • Review data security breaches, implement remediation, and design and lead the annual cyber-security incident drill for SG & HK.
  • Collaborate with Group Information Security to deploy monitoring tools safeguarding bank information.

Access governance and secure operations

  • Oversee timely completion of local and regional user access recertifications.
  • Approve and periodically review privileged access for business and IT users; recertify IT administrator and technical account access on locally and regionally managed infrastructure.
  • Serve as gatekeeper for data extraction from secure zones.

Stakeholder engagement, communications, and training

  • Build and maintain relationships with stakeholders, clients, leadership, regulators, and Head Office teams.
  • Monitor and manage security communications from Head Office and regulators.
  • Lead security awareness and training programs for employees and relevant stakeholders.

Technology, assessments, and continuous improvement

  • Support assessments for infrastructure and applications; perform periodic security reviews and audits.
  • Recommend enhancements to controls and processes based on emerging threats and best practices.

Reporting, budgeting, and resource management

  • Report timely status of projects, programs, risks, events, and incidents to the Group CISO.
  • Prepare spending proposals; manage local security budgets and resources effectively.

Skills And Experience

  • Bachelor's degree in Computer Science, Information Technology, or a related field.
  • 10+ years in information security with strong knowledge of security principles, practices, and technologies.
  • Proven experience designing and implementing enterprise security programs.
  • Hands-on incident management and incident response expertise.
  • Demonstrated leadership, including managing and influencing virtual/remote teams.
  • Excellent communication and stakeholder engagement skills.
  • Successful track record working with regulators and regulatory bodies.
  • Experience in ICT Risk Management and Business Continuity.
  • Industry certifications (e.g., CISSP, CISM, CRISC) preferred.

Our Values

 Accountability: Taking ownership for tasks and challenges, as well as seeking continuous improvement

 Hands-on: Being proactive to rapidly deliver high-quality results

 Passionate: Being committed and striving for excellence

 Solution-driven: Focusing on client outcomes and treating clients fairly with a risk-aware mindset

 Partnership-oriented: Promoting collaboration and teamwork. Working together with an entrepreneurial spirit.

Please attach a cover letter to your CV when completing the application.

Application

Should you wish to apply for this position use this link to apply.

Job ID: 145727907
