Job Description
Our client is looking for an experienced IT Security Manager to lead and strengthen security across cloud platforms, applications, and corporate IT environments. This role will drive security governance, application security, cloud security, compliance, and incident response while partnering closely with Engineering, Product, IT, Legal, and Operations teams.
Key Responsibilities
- Develop and manage the organization's information security strategy, policies, and governance framework.
- Lead security risk assessments, compliance initiatives, and audit readiness activities.
- Embed security into the software development lifecycle, including secure coding, threat modelling, and vulnerability management.
- Manage cloud security across AWS environments, covering identity management, monitoring, encryption, and infrastructure security.
- Oversee application security tools, vulnerability scanning, and security controls within CI/CD pipelines.
- Lead incident response, security monitoring, and business continuity initiatives.
- Strengthen identity and access management, data protection, and privacy controls.
- Deliver security awareness programmes and promote security best practices across the organisation.
- Monitor security metrics and drive continuous improvement across security operations.
Requirements
- Bachelor's degree in Information Security, Computer Science, Information Technology, or a related discipline.
- 6–10 years of experience in IT Security, Application Security, Cloud Security, or Cybersecurity.
- Strong hands-on experience with secure SDLC, application security, and vulnerability management.
- Experience securing AWS cloud environments, including IAM, monitoring, logging, and cloud security services.
- Familiarity with security tools such as SAST, DAST, dependency scanning, secret management, and SIEM platforms.
- Solid understanding of security frameworks and compliance standards such as ISO 27001, SOC 2, PDPA, and GDPR.
- Experience leading security incident response and communicating security risks to both technical and business stakeholders.
- Strong leadership, analytical, and risk assessment skills.
Preferred Qualifications
- Professional certifications such as CISSP, CCSP, AWS Certified Security – Specialty, or ISO 27001 Lead Implementer/Auditor.
- Experience supporting SaaS, cloud-native, or large-scale digital platforms.
- Knowledge of container security, Kubernetes, serverless security, SBOM, and software supply chain security.
For more information or confidential consultation, please do not hesitate to contact Athirah at athirah@bell-ward.com
We thank you for applying with us in advance but only short-listed candidates will be notified.
For candidates who applied to this job is deemed to have consented to the collection, use and disclosure of personal data by our organization for a purpose of this or any job application with Bell Ward.
Company Registration No.: 1080098-P (JTK License No: JTKSM 427)