Cybersecurity Lead/Manager (Consumer/Hospitality Industry)

Well-established consumer business that is strengthening its digital foundation. With technology deeply embedded in its operations, customer engagement, and strategic growth, cybersecurity now plays a mission-critical role.

As Cybersecurity Lead/Manager, you will lead the organization’s security posture—moving beyond technical implementation to drive enterprise-wide risk awareness, compliance, and strategic alignment. This is a high-impact leadership role that blends operational execution with long-term planning, cultural influence, and cross-functional collaboration.

What You’ll Be Driving

As the organization’s security lead, your focus will be on driving five core outcomes:

• Enhanced Security Visibility : Establish continuous monitoring and measurable KPIs that track the organization’s evolving threat landscape and resilience.
• Regulatory Excellence : Ensure full readiness for audits and sustained compliance with PDPA and applicable regulatory standards.
• Certification Alignment : Position the organization for success with security certifications such as Cyber Trust Mark , benchmarking controls against ISO 27001 , NIST , and industry best practices.
• Security-First Culture : Promote a workplace where every employee understands and takes ownership of their role in protecting data and systems.
• Enterprise-Wide Integration : Embed cybersecurity into business planning, operations, and decision-making as a shared responsibility.

Key Areas of Accountability

Operational Security & Threat Management

• Monitor and manage enterprise-wide security tools, including endpoint protection, email and mobile security, SIEM systems, and antivirus platforms.
• Respond to threats, investigate anomalies, and coordinate swift resolution in partnership with infrastructure and DevOps teams.
• Conduct regular security reviews across infrastructure, cloud services, and business-critical applications.

Risk & Compliance Leadership

• Lead security assessments, including regular penetration testing and control reviews; document findings and drive resolution.
• Review and update internal policies, standards, and incident response frameworks.
• Maintain alignment with governance frameworks and ensure readiness for third-party audits and certifications.

Security Awareness & User Engagement

• Roll out phishing simulation exercises and deliver department-level reporting and improvement plans.
• Design and implement quarterly security training tailored to various job functions.
• Provide senior management with actionable insights via dashboards and summary reports on risk, exposure, and control effectiveness.

Privacy & Data Protection

• Collaborate with the Data Protection Officer (DPO) to embed PDPA compliance across business units.
• Coordinate responses to internal audits and support the implementation of data privacy policies and breach protocols.
• Oversee data lifecycle management, consent capture processes, and third-party privacy due diligence.

Strategic Projects & Vendor Oversight

• Drive implementation of new cybersecurity solutions to strengthen risk management and compliance monitoring.
• Evaluate and approve security clauses in vendor agreements; manage the third-party risk assessment process.
• Contribute to the design of a long-term cybersecurity roadmap aligned with business and digital objectives.

Who We’re Looking For

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a closely related field.
• At least 5 years of experience in cybersecurity, including operations, governance, and regulatory compliance.
• Familiarity with PDPA , ISO 27001 , NIST , or similar regulatory and control frameworks.
• Experience with key cybersecurity platforms and tools, such as TrendMicro, phishing simulators, endpoint protection, and vulnerability management systems.
• Proven track record supporting audit processes, managing incidents, and preparing for security certifications.

Interested in this role? Please hit the apply button.

OR send your resume to [email protected]

EA Name: BuildBridge Partners Pte Ltd

EA License No: 25C2918

EA Reg No: R1551092

Khoo Yan Jie