IT Security Manager

Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.

Job Summary:

In this role, you will be a part of Specialists team to drive IT Security initiatives for Prudential Singapore. As part of this dynamic role, you will report to Head, IT Security, and work closely with business units and other IT teams to keep Prudential safe.

Job Description:

• Maintain technology standards, processes and specifications in the implementation of Technology Risk Management and IT Security.

• Manages IT Security projects and resolve new/complex problems which may impact the Prudential Singapore security posture.

• Implement, and maintain the organisation’s information security strategy and procedures in alignment with regulatory requirements and Group policies and standards.

• Monitor the IT Security metrics to identify vulnerabilities, threats and events / incidents and responding promptly to mitigate risk and minimize impact.

• Perform relevant security analysis / assessments or engage vendor to perform penetration tests to identify

  and address potential threats.

• Support the cyber security incident response process.

• Ensure compliance with financial sector regulations, such as MAS TRM Guidelines, and other relevant local

  and international standards.

• Collaborate with other IT departments, Risk, and Compliance to integrate security measures into business processes and technology initiatives.

• Develop and deliver security awareness programmes for staff across the organisation, fostering a culture of security and compliance.

• Oversee third-party risk management, including security assessments of vendors and service providers.

• Prepare regular security reports, metrics, and recommendations to senior management.

• Train, develop and share IT Security knowledge with Team members.

Competencies & Personal Traits

• Scripting and programming experience (Java, NodeJs, Xcode) will be beneficial.
• Good knowledge and experience of using a variety of penetration testing and threat modelling tools including open source and commercial mapping.
• Good Knowledge of SDLC, Database, Application, and Web server design and implementation.
• Knowledge and experience on Agile, Scrum frameworks, CI/CD will be beneficial.
• Web Application, Mobile Application and API security experience with good understanding of related vulnerabilities and control measures.
• Good working knowledge and experience on three (3) or more of the following areas: Web/Mobile application Penetration Testing, Secure Code Reviews, Secure Static Code analysis, Dynamic Code Analysis and Vulnerability Assessments.
• Knowledge of cloud and cloud security technologies and concepts.
• Good understanding of local government regulations (MAS TRM, MAS Outsourcing Guidelines, PDPA).
• Experience with industry compliance, security standards and/or frameworks including one or more of the following: PCI-DSS, ISO 27001, NIST.
• Independent and works well across different functions.
• Excellent problem analysis skill. Innovative and creative in developing solutions.
• Strong sense of drive and commitment to deliver on responsibilities.
• Ability and willingness to be hands-on.
• Adept at explaining technical jargon to non-technical professionals.
• Strong collaboration and partnering skills.
• Readiness to become a thought leader for aspects of cyber security across multiple domains.

Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.