Information Security Manager - Cyber Risk & Regulatory

Description

& SummaryThis role sits within the CISO / Cyber Risk & Compliance function and focuses on managing internal cyber risk from a regulatory and GRC perspective. The role partners closely with the Network Information Security (NIS) teams and business stakeholders to assess cyber risks, evaluate control effectiveness, and support informed decision-making around residual risk.

You will act as a key bridge between regulatory expectations (e.g. MAS, CSA), global cyber controls, and local firm risk posture, helping leadership understand whether identified risks are acceptable and aligned with the firm’s risk appetite.

Key Responsibilities

Cyber Risk & Regulatory Oversight:

· Assess cyber risks and control effectiveness across the firm from a regulatory perspective, with primary focus on MAS, CSA, and other relevant regulatory frameworks.

· Conduct cyber risk assessments, including inherent and residual risk evaluation, aligned to...