Job Description

Abaxx Exchange is seeking an Information Security Manager (AVP/VP) to implement our Technology Risk Management (TRM) framework, guide further development of our information security policies and pract Abaxx Exchange is seeking an Information Security Manager (AVP/VP) to implement our Technology Risk Management (TRM) framework, guide further development of our information security policies and practices, and perform continuous assessment and enhancement of our business continuity and crisis management practices. The role will be responsible for assessing risks, implementing remediation plans, improvement strategies for any identified potential vulnerabilities, and coordinating and leading incident response. Roles and Responsibilities Implement the TRM framework across all architecture, systems, and platforms in a virtualization environment with a focus to information security and cyber security. Implement and maintain the enterprise TRM framework, including its supporting policies and procedures as informed by regulatory guidance and industry best practices. Lead and support internal/external security analysis and testing (e.g. vulnerability assessments, penetration testing, cybersecurity incident management, forensic analysis) as well as business continuity and crisis management practices. Lead routine internal technology risk assessments to demonstrate adherence to regulatory standards/guidance in Singapore as well as corresponding internal standards. Facilitate and coordinate the gathering, assessment, and preservation of analysis and evidence used to address vulnerabilities, threats, and any security violations. Work closely with internal and external technology partners/vendors to ensure proper implementation of information security practices and adherence to internal policies and procedures. Liaise with internal and external technology engineers/partners/vendors to develop, configure, apply and monitor automated threat vulnerabilities and detection scanning and reporting. Assess and continuously recommend information/network security enhancements to technology infrastructure including software and virtualisation environments. Keep abreast of the evolving industry best practices and threat vulnerabilities to ensure the TRM framework remains fit for purpose. Requirements Degree with a focus to technology risk, application/network security, systems engineering, computer science or equivalent. Relevant certifications related to information/cyber security (e.g., CEH, GSEC (GIAC), CISA, CISM, AWS, CISSP) would be preferred. At least 5 years information security related work experience in a field related to information security and a strong interest in staying current on cybersecurity trends and advancements. Knowledgeable in virtualisation environments (e.g. AWS, Azure), operating systems, coding languages (e.g., Python) and program change and software development practices (e.g., Agile, DevOps, DevSecOps) would be preferred. Experience working in regulated environments, financial institutions focused on financial, commodity and energy markets would be preferred. Motivated self-starter with strong analytical, organization, collaborative and communication skills. If you are motivated by the opportunity to be part of a dynamic and fast-growing start-up in the commodities markets, we invite you to contact us and share you background.