BIPO is a leading one-stop human resource partner in Asia Pacific, with its global headquarter in Singapore. Founded in 2004, BIPO is a fast-growing company with branch offices in China, Hong Kong, Taiwan, Japan, India, Indonesia, Thailand, Malaysia, Philippines, Vietnam, and R&D centres in Indonesia, Singapore and Malaysia. BIPO is a fast-growing company with over 360 people across the region. We are excited to announce that we have an opening for the below position to join our team in supporting our growing business across Asia Pacific.
About this Role
This role leads the Information Security compliance and audit activities and serves as the ISO 27001 ISMS Management Representative. In parallel, this role manages Singapore IT infrastructure and end-user support, including supervision of local IT support engineer. Reporting line: Deputy IT Director (Singapore) with dotted line to Associate Director in Shanghai for IT infrastructure operations matter.
Key Responsibilities
- Lead the company's information security governance and compliance programs, including ISO 27001 ISO27001, SOC1/SOC2, OSPAR, internal audits, penetration testing coordination, and overall ISMS maintenance.
- Serve as the ISMS Management Representative, driving continuous improvement, maintaining clear documentation including policies and procedures, managing risks assessments and corrective actions, security trainings, phishing campaigns, ensuring all documentation and evidence required for ISMS and operational continuity are audit ready.
- Respond to client's security questionnaires, due diligence and audit requests, support commercial teams with security inputs for proposals and contracts.
- Manage security vendors and coordinate implementation of security solutions (e.g., SIEM, DLP, SSE, EDR) with support from regional IT managers and external vendors.
- Coordinate security incident response activities by maintaining playbooks, supporting incident handling, facilitating communication and ensuring follow-up actions are implemented.
- Oversee Singapore officeIT infrastructure operations, including network, Wi-Fi, endpoints, asset lifecycle, patch coordination, local system administration, local IT procurement, renewals, inventory and vendor relationships, ensuring cost optimization and service reliability.
- Lead and mentor Singapore IT support engineer, ensuring effective daily operations, user support and continuous improvement of IT service delivery.
Requirements
- Minimum bachelor's degree in IT, Computer Science, Information Security or related field.
- ISO27001 ISMS management representative experience required
- Proven experience in coordinating ISO 27001 audit programs, preferably with experience SOC2 and OSPAR audits
- Experience managing office IT infrastructure, user support and endpoint/network environments in Singapore.
- Experience managing or supervising IT support staff.
- Strong vendor management and stakeholder capabilities.
- Strong documentation, communication and problem-solving skills; proactive and reliable.
- Preferred to have certifications such as ISO 27001 Lead Implementer/Auditor, CISSP, CISM, CCSP, cloud/security related credentials.
- Familiarity with common security solutions (SIEM, DLP, EDR, SSE, PAM, vulnerability management) from governance or implementation coordination perspective.
- Fluent in English and Mandarin.
