IT Manager

IT Manager (IT and Information Security)

BIPO is a leading one-stop human resource partner in Asia Pacific, with its global headquarter in Singapore. Founded in 2004, BIPO is a fast-growing company with branch offices in China, Hong Kong, Taiwan, Japan, India, Indonesia, Thailand, Malaysia, Philippines, Vietnam, and R&D centres in Indonesia, Singapore and Malaysia. BIPO is a fast-growing company with over 360 people across the region. We are excited to announce that we have an opening for the below position to join our team in supporting our growing business across Asia Pacific.

About this Role

This role is responsible for managing the company's information security policies and procedures, user security awareness and maintenance of BIPO overall information security management system, IT infrastructure and security operational support, system administration, and execution of IT projects. This role is based in BIPO global HQ in Singapore, reports to Deputy IT Director in Singapore, dotted line to Associate IT Director in Shanghai.

Key Responsibilities

. Lead implementation and maintenance of ISO 27001 information security management system (ISMS), serve as the company's overall ISO 27001 ISMS management representative, lead internal and external audit (ISO 27001 / SOC2 audit, external vendor pen test), develop, implement and manage IT / security policies and procedures.

. Manage information security awareness training, phishing campaigns for employees

. Lead security incident response efforts, including incident response playbook development, training, incident response exercises, and actual incident response.

. Manage IT inventory, hardware / office PCs and software procurement, upgrade planning, renewals of support / subscription. Manage local IT support personnel, manage costs to continuously optimize IT expenditure.

. Track and report infrastructure and security posture, KPIs and metrics periodically, respond to IT infra and security incidents.

. Installation, maintenance and monitoring of IT infra/security services (e.g., network, servers, software, databases, storage, backup, end user PCs), response to IT infra/security alerts and troubleshoot issues.

. Lead IT infra/security projects and initiatives and perform regular operations to meet ISO 27001 compliance (e.g., PC audit, user access reviews, asset list update, risk register review/update)

. Accountability for IT infrastructure support, administration, and disaster recovery, ensuring service uptime and performance SLA for operational requirements are met.

. Strategic input on infra/security architecture design and analysis, work collaboratively with business, operational, vendors and regional leads on innovation and technology initiatives.

. Support BIPO systems server administration and software installation and version update.

. Support business team in answering client's IT infra/security questions.

Requirements

. Minimum Bachelor's degree in IT, Computer Science, Information Security or related field with 8 years experience in HRMS industry.

. Strong experience in IT operation and management support, administration of Windows Servers, SQL Server database, IIS, Active Directory, backup software, network equipment.

. Experience and knowledge in ISO 27001 compliance, Amazon AWS/Azure/Aliyun, Microsoft 365, IT security (EDR, Vulnerability Management, Privileged Access Management, CIS security baseline, Security Operations, SIEM, Microsoft Purview DLP and Information Protection, Security Service Edge, Mobile Device Management) are a must.

. Preferred to have relevant security and ISO 27001 certifications (CISSP/CISM, ISO27001 Lead Implementer or Auditor). Cloud certifications (AWS, Azure, Alibaba Cloud) is an advantage.

. Able to self-learn new things and lead IT project independently, knowledge sharing, documentation.

. Be contactable for after office production support issues or urgent security incidents if needed.

. Good troubleshooting / analytical skills, responsible, resourceful, self-motivated, proactive, good teamwork skills and positive can do attitude.

. Good communication skills with the ability to converse effectively in both English and Mandarin, as the role requires interaction with English- and Mandarin-speaking stakeholders.