Information Security Manager
Information Security Manager
Toku’s mission is to help companies engage with their customers efficiently. We have helped companies move all the voice communications to the cloud and recently embarked on creating products that help companies to keep engaging with their customers no matter where their employees are working from.
Toku is currently getting into a scale-up mode. We want to continue creating momentum for our products in the APAC region and helping customers with their communications needs. As we further scale our operations, we are looking for an experienced Information Security Manager, to design and execute our security strategy. Want to be part of our journey?
What would you be doing?
The Information Security Manager reports to the SVP of Infrastructure. This role will support the implementation of Toku’s security strategy. He/she ensures that Toku’s systems and networks meet the company’s security requirements and are periodically updated to address any security vulnerabilities. He/she responds to events and assesses whether these are security incidents and the severity levels of security incidents.
- Designing, driving and implementing a security strategy that supports the corporate objectives and Toku’s overall growth while efficiently securing Toku’s data and critical assets.
- Providing challenge and assessment of potential technology risks including information and cyber security control weaknesses.
- Introducing security best practices, and providing sound recommendations as well as strategic directions to increase the effectiveness of Toku’s organization and offering.
- Managing security projects and providing guidance on security matters for other projects.
- Assisting and guiding the disaster recovery planning team in the selection of recovery strategies and the development, testing and maintenance of disaster recovery plans.
- Ensuring audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
- Designing, coordinating and overseeing security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
- Working as a liaison with vendors and the legal and procurement departments to establish mutually acceptable contracts and service-level agreements.
- Helping various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
- Serving as an active and consistent participant in the information security governance process.
We would love to hear from you if you have:
- Degree in Computer Science or a technology-related field
- Possess at least 5 years of relevant work experience.
- Professional information security certification such as CISSP, CISA, CISM, GCIH, etc.
- Proven experience in information security and security operations.
- Solid knowledge of various information security technologies including browser isolation, VPN, DDOS mitigation technologies, firewall, and intrusion detection/prevention systems, endpoint security, cloud security, etc.
- Coordinate the continuous development, implementation and updating of security and privacy policies, standards, guidelines, baselines, processes, and procedures in compliance with Singapore regulations and standards.
- Identify acceptable levels of residual risk and assist with action plans, policy, and procedural changes for risk mitigation.
- Outstanding organizational, analytical, and troubleshooting skills
- Excellent written and oral business communication skills, and ability to educate a non-technical audience about various security measures.
- Knowledge and experience with networking concepts, protocols, and services.
- Knowledge and experience in setup, maintenance, and security of Windows and Linux operating systems.
- Experience in ISO27001, SOC2, and CSA STAR certifications preferred
What would you get?
- Hybrid working arrangements
- Training and Development
- Discretionary Yearly Bonus & Salary Review
- Healthcare Coverage based on location
- 20 days Paid Annual Leave (excluding Bank holidays)
If you would love to experience working in a start-up growing at an accelerated speed, and you think you tick most of the requirements, come join us!