Cyber Security Manager

Department : Information Technology

Reports To : Director of IT

Location : Southern Singapore

Employment Type : Full-Time

Position Summary

We are seeking a seasoned and strategic Cyber Security Manager to lead our cybersecurity efforts across a nationwide network of clubs. This role will oversee the protection of both application and network infrastructure, ensuring the confidentiality, integrity, and availability of systems and data. Day-to-day security operations are supported by a Managed Security Service Provider (MSSP), and the Cyber Security Manager will be responsible for governance, oversight, and continuous improvement of our security posture. All IT staff are centrally located, but manage IT services across all club locations.

Key Responsibilities

Security Strategy & Governance

Develop and maintain a cybersecurity strategy tailored to the operational needs of clubs and resorts.

Establish and enforce security policies, standards, and procedures across all locations.

Act as the primary liaison between internal IT teams and the MSSP, ensuring alignment with business goals.

Security Operations Oversight

Oversee daily security operations including threat monitoring, incident response, and vulnerability management in collaboration with the MSSP.

Review MSSP reports and dashboards to ensure timely resolution of incidents and vulnerabilities.

Coordinate internal escalation and remediation efforts based on MSSP findings.

Application & Infrastructure Security

Ensure secure design and deployment of applications used for guest services, reservations, POS systems, and internal operations.

Oversee network security across club locations, including firewalls, VPNs, and wireless access controls.

Monitor and enforce security controls for cloud-based and on-premise systems.

Risk Management & Compliance

Conduct periodic risk assessments and audits across club locations to identify and mitigate security risks.

Ensure compliance with industry regulations and standards particularly CSA CyberTrust Mark (Perfomer Tier).

Maintain and test disaster recovery and business continuity plans specific to hospitality operations.

Coordinate with external vendors to plan and execute regular Vulnerability Assessments and Penetration Testing (VAPT) across all club locations. Review findings, prioritize remediation efforts, and ensure timely resolution of identified risks.

Vendor & MSSP Management

Manage MSSP performance through SLAs, KPIs, and regular reviews.

Coordinate MSSP onboarding, scope definition, and service optimization.

Evaluate and recommend additional security vendors or tools as needed.

Team Leadership & Training

Lead internal cybersecurity initiatives and mentor IT staff across club locations.

Conduct regular Cyber Security Awareness briefings for employees, tailored to hospitality operations and data handling practices.

Propose phishing simulation topics and coordinate with the subscribed vendor platform to execute phishing exercises across the organization.

Draft and distribute Cyber Security Bulletins via email to all staff, highlighting current threats, best practices, and policy updates.

Promote a culture of security and compliance throughout the organization.

Incident Response & Reporting

Maintain and refine the incident response plan in collaboration with the MSSP.

Lead internal investigations and coordinate with MSSP during major incidents.

Report incidents and risk posture to senior leadership and regulatory bodies.

Qualifications

Education & Experience

Bachelor’s degree in Cybersecurity, Information Technology, or related field.

Minimum 4 years of experience in IT security, with at least 1 year in a managerial role.

Experience managing MSSPs or third-party security vendors, preferably in hospitality or multi-site environments.

Certifications (Preferred)

CISSP, CISM, CEH, OSCP, or equivalent.

Technical Skills

Strong understanding of network protocols, firewalls, IDS / IPS, endpoint protection, and SIEM platforms.

Familiarity with secure SDLC, DevSecOps, and cloud security frameworks.

Experience with hospitality systems such as PMS, POS, and guest Wi-Fi security.

Soft Skills

Excellent communication, leadership, and stakeholder management skills.

Strong analytical and problem-solving abilities.

Ability to manage multiple priorities across geographically dispersed teams.

Key Performance Indicators (KPIs)

MSSP SLA adherence and incident resolution metrics.

Reduction in vulnerabilities and security incidents across club locations.

Compliance audit results.

Employee security awareness and training completion rates.

Phishing simulation participation and improvement metrics.

Engagement and feedback on Cyber Security Bulletins.

Completion of the annual Vulnerability Assessment and Penetration Testing (VAPT).

#J-18808-Ljbffr