Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Head of Cyber Security & Technology Risk
Industry: Digital Payments / FinTech / Regulated Financial Services
Location: Singapore
Overview
We are seeking an experienced Head of Cyber Security & Technology Risk to lead security engineering, security operations, and technology risk across a regulated digital payments and financial services environment. This role is responsible for defining and executing the cyber defense strategy, ensuring compliance with regulatory frameworks, and strengthening the organisation’s security posture as it scales.
You will work closely with executive leadership, regulators, and cross-functional teams to ensure security controls meet or exceed regulatory and industry standards.
Key Responsibilities
Security Architecture & Engineering:
- Define and maintain enterprise security architecture, including IAM strategy, application and data security controls, cloud security standards, and detection engineering frameworks.
Security Operations & Incident Response:
- Oversee security operations including MDR services, threat intelligence, vulnerability management, and incident response. Lead complex investigations, red/purple team exercises, and post-incident remediation.
Risk, Governance & Compliance:
- Own security policies and governance frameworks, ensuring compliance with regulatory and industry standards such as MAS TRM, HKMA Technology Risk, PDPA, GDPR, ISO 27001, SOC 2, and PCI DSS. Manage audits and third-party risk assessments.
Strategy & Executive Reporting:
- Develop and execute a multi-year security roadmap, optimise security tooling and vendor strategy, and deliver clear risk reporting and metrics to senior leadership and the board.
Stakeholder & Regulatory Engagement:
- Act as a senior security advisor to business and technology leaders, translating technical risk into business impact and supporting regulatory interactions where required.
Required Qualifications
- 12+ years of experience in information security, with 5+ years in leadership roles spanning security engineering, operations, and GRC.
- Proven experience in regulated financial services (banking, payments, fintech) with hands-on ownership of Technology Risk, Operational Resilience, and Data Privacy programs.
- Strong technical background implementing Zero Trust, DevSecOps, and cloud security (AWS and/or OCI), including SIEM, EDR, SOAR, IAM/PAM, DLP, and data protection controls.
- Demonstrated incident leadership experience, including crisis management, stakeholder communications, and durable remediation.
- Excellent communication skills with the ability to translate complex security risks into clear business outcomes.
Preferred Qualifications (Nice to Have)
- Professional certifications such as CISSP, CISM, CCISO, or CCSP
- ISO/IEC 27001 Lead Implementer or Lead Auditor
- Experience leading SOC 2 certification programs
- PCI DSS experience (e.g., SAQ/QSA engagement, CDE scoping and segmentation)
- Data protection certifications (e.g., CIPP/E, CIPM)
Key Skills
Ranked by relevanceReady to apply?
Join Hyphen Partners and take your career to the next level!
Application takes less than 5 minutes