Manager, Infrastructure Security

About the Job

The Manager, Infrastructure Security will be responsible for ensuring the security, compliance, and resilience of the organisation's IT infrastructure. This role is an individual contributor position that requires hands-on technical expertise in infrastructure security management, compliance frameworks (including PCI DSS 4.0), and operational security processes. The individual will work closely with IT custodians, risk management, and internal stakeholders to maintain a strong security posture.

• Establish, maintain, and periodically review standard operating procedures (SOPs) for business-as-usual (BAU) infrastructure security management.
• Ensure security policies and standards are consistently implemented across on-premises, cloud, and hybrid platforms.
• Establish and maintain processes aligned with PCI DSS 4.0 requirements to support ongoing compliance readiness.
• Maintain and continuously improve processes and documentation related to infrastructure security.
• Perform firewall rule reviews on a periodic basis, ensuring compliance with security policies and risk tolerance.
• Monitor, track, and follow up on remediation of security findings from internal network vulnerability assessments (NVA).
• Manage Data Loss Prevention (DLP) exception requests and ensure proper governance and approval workflows.
• Oversee the execution of internal NVA and wireless penetration tests, including triage and remediation coordination.
• Ensure timely dissemination of Cyber Threat Intelligence (CTI) to IT custodians for risk assessment and action.
• Coordinate and support cyber insurance review and renewal processes, providing relevant security documentation and updates.
• Prepare, track, and manage monthly infrastructure security KPI reports for management and stakeholders.

We are looking for people who

• Bachelor's degree in Information Security, Computer Science, or related field.
• 7+ years of IT security experience, with at least 4 years in infrastructure security within financial industries.
• Professional cybersecurity certifications such as CISSP, CISM, CISA, or CCSP are preferred.
• Strong knowledge of firewall technologies, vulnerability management, and DLP tools.
• Experience with PCI DSS 4.0 compliance and other financial industry regulatory requirements.
• Familiarity with threat intelligence, cyber insurance, and IT risk management practices.

How you succeed

• Champion and embody our Core Values in everyday tasks and interactions.
• Demonstrate high level of integrity and accountability.
• Take initiative to drive improvements and embrace change.
• Take accountability of business and regulatory compliance risks, implementing measures to mitigate them effectively.
• Keep abreast with industry trends, regulatory compliance, and emerging threats and technologies to understand and highlight potential concerns/ risks to safeguard our company proactively.

Who we are

Founded in 1908, Great Eastern is a well-established market leader and trusted brand in Singapore and Malaysia. With over S$100 billion in assets and more than 16 million policyholders, including 12.5 million from government schemes, it provides insurance solutions to customers through three successful distribution channels a tied agency force, bancassurance, and financial advisory firm Great Eastern Financial Advisers. The Group also operates in Indonesia and Brunei.

The Great Eastern Life Assurance Company Limited and Great Eastern General Insurance Limited have been assigned the financial strength and counterparty credit ratings of AA- by S&P Global Ratings since 2010, one of the highest among Asian life insurance companies. Great Eastern's asset management subsidiary, Lion Global Investors Limited, is one of the leading asset management companies in Southeast Asia.

Great Eastern is a subsidiary of OCBC, the longest established Singapore bank, formed in 1932. It is the second largest financial services group in Southeast Asia by assets and one of the world's most highly-rated banks, with an Aa1 rating from Moody's and AA- by both Fitch and S&P. Recognised for its financial strength and stability, OCBC is consistently ranked among the World's Top 50 Safest Banks by Global Finance and has been named Best Managed Bank in Singapore by The Asian Banker.

To all recruitment agencies: Great Eastern does not accept unsolicited agency resumes. Please do not forward resumes to our email or our employees. We will not be responsible for any fees related to unsolicited resumes.