CrawlJobs Logo

Information Security & Compliance Engineer (ISO 27001)

Singapore, Singapore 7000.00 - 9000.00 SGD / Month · Job Posted May 20, 2026
Apply Position
Job Link Share

Job Description

We need a dynamic, technically literate security professional with a strong IT background who can serve as our Global ISMS Management Representative under ISO/IEC 27001. You will own the bridge between governance and technical execution. You won’t just read about security gaps discovered by auditors. You will actively architect, evaluate, and validate the actual technical solutions (from SIEM and DLP to SSE and EDR) to close them.

Job Responsibility

  • Lead the international ISMS framework as the primary representative, keeping all risk registers and policies sharp to guarantee seamless passes for ISO 27001, SOC 1/2, and OSPAR
  • Spot technical vulnerabilities stemming from audits or business scaling, then spearhead proof-of-concepts for advanced tools (like SIEM, PAM, and EDR) to validate them before infrastructure deployment
  • Steer the monitoring ecosystem by decoding complex alerts, threat intelligence, and vulnerability data from SIEM, EDR, and DLP tools into tactical defense strategies
  • Command emergency response efforts from simulated exercises to full post-incident reviews, while scheduling routine penetration tests and vulnerability assessments
  • Team up with DevOps, R&D, and Infrastructure squads to weave secure-by-design principles right into the DNA of the product platforms
  • Act as the technical authority on security, handling high-stakes client questionnaires and reviewing contract clauses to help close business deals

Requirements

  • Minimum 5 years of experience in information security, successfully balancing technical IT operations with governance
  • Direct experience serving as an ISO27001 ISMS management representative and coordinating assurance audits like SOC1/SOC2
  • Ability to confidently interpret cloud security logs, SIEM alerts, EDR findings, and vulnerability scans
  • You should understand cloud architectures (AWS/Alibaba Cloud preferred) and core security domains (IAM, encryption, network security)
  • ISO27001, ISMS management representative, cloud security logs, SIEM alerts, EDR findings, vulnerability scans, AWS, Alibaba Cloud, SOC1/SOC2, SIEM, DLP, EDR, ISO/IEC 27001, CISSP, CISA, IT Security, security compliance, CISM, CCSP, ISO 27001 Lead Imp
  • Associate Degree/Diploma

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Information Security & Compliance Engineer (ISO 27001)

8 matching positions

Senior IT Security Compliance Engineer

The Senior IT Security Compliance Engineer is responsible for developing, mainta...
Location
Location
Egypt , Cairo
Salary
Salary:
Not provided
arrow.com Logo
Arrow Electronics
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong knowledge of information security principles, risk management, and compliance frameworks, with a solid understanding of ISO 27001 requirements and controls
  • Hands-on experience supporting audits and compliance programs for frameworks such as ISO 27001, SOC 2, CMMC, NIST, or similar
  • GRC-related certification (e.g., CISSP, CISA, CRISC, ISO 27001 Lead Implementer/Lead Auditor) is preferred
  • Experience working in SaaS or technology-driven environments is highly desirable
  • Familiarity with cloud computing platforms and cloud security principles
  • Excellent written and verbal communication skills, with proven ability to produce clear, high-quality security documentation and reports
  • Minimum of 5 years of professional experience in cybersecurity, information security, or compliance-related roles
  • Bachelor’s degree in Computer Engineering, Computer Science, Information Security, or a related field
Job Responsibility
Job Responsibility
  • Develop, review, and maintain IT security policies, standards, procedures, and guidelines in alignment with industry best practices and regulatory requirements
  • Lead and coordinate compliance initiatives for security frameworks and standards, including but not limited to ISO 27001, SOC 2, CMMC, NIST, and internal security assessments
  • Manage audit readiness activities, including documentation preparation, evidence collection, stakeholder coordination, and remediation tracking for internal and external audits
  • Respond to customer and partner security questionnaires, ensuring accurate, consistent, and timely responses
  • Conduct periodic security and risk assessments to evaluate the effectiveness of security controls and identify improvement opportunities
  • Track, manage, and follow up on vulnerability remediation efforts in collaboration with IT, engineering, and operations teams
  • Prepare and deliver security metrics, compliance reports, and executive-level summaries
  • Provide security awareness, training, and education to employees to promote a strong security culture across the organization
  • Support continuous improvement of governance, risk, and compliance (GRC) processes and tooling
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

SmartRecruiters is looking for a Senior Information Security Engineer to join th...
Location
Location
Poland
Salary
Salary:
Not provided
smartrecruiters.com Logo
SmartRecruiters
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in information security, governance, risk, and/or compliance roles with a technical orientation
  • Demonstrated compliance or auditing experience with at least one major framework
  • Solid understanding of controls auditing principles and evidence management
  • Knowledge of risk management methodologies and experience conducting or supporting risk assessments
  • Ability to manage and deliver on multiple complex projects simultaneously, with minimal supervision
  • The ability to investigate, question, and interpret internal and external IT security and compliance issues at both a governance and technical level
  • A strong understanding of technology, cloud-based products, and SaaS environments
  • Experience working across business units and geographical boundaries to engage engineering, business, and operational teams
  • Experience with ISO 27001
  • Excellent written and verbal communication skills in English
Job Responsibility
Job Responsibility
  • Identify manual, repetitive GRC processes and design automation blueprints to streamline them, including evidence collection, control monitoring, access reviews, policy enforcement checks, and compliance reporting
  • Build and maintain automated workflows using compliance platforms, scripting, or integration tools to reduce manual effort and improve audit-readiness
  • Develop reusable templates, playbooks, and standardised blueprints for recurring GRC activities (e.g., vendor assessments, internal audits, risk reviews) to ensure consistency and scalability
  • Collaborate with engineering and IT teams to integrate security and compliance checks into existing toolchains and CI/CD pipelines where applicable
  • Continuously evaluate and improve GRC tooling, data flows, and reporting to drive operational efficiency across the team
  • Manage stakeholder expectations and partner with internal teams to ensure effective management of IT risks and compliance obligations
  • Maintain regional and local stakeholder relationships, meeting schedules, minutes, and reports
  • Support the maintenance of the SOC 2 Type II framework, including evidence collection, control testing coordination, and audit support
  • Effectively manage ISO 27001 and ISO 22301 audit lifecycles and coordinate with stakeholders on ISMS and BCMS improvements
  • Support the maintenance and continuous improvement of the ISO 42001 (AI Management System) framework in alignment with the EU AI Act
Read More
Arrow Right

Information Security Engineer

The Information Security Engineer is responsible for designing, implementing, an...
Location
Location
Türkiye , Istanbul
Salary
Salary:
Not provided
5CA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in information security engineering, cloud security, or infrastructure security roles
  • Hands-on experience implementing security controls in Azure and Microsoft 365 ecosystems
  • Experience with Defender for Endpoint, Defender for Cloud, Defender for Identity, and Sentinel
  • Experience with secure cloud networking, identity governance, and Zero Trust principles
  • Experience supporting complex incident response investigations
  • Familiarity with ITIL processes (incident, change, problem)
  • Understanding of security frameworks (i.e. ISO 27001:2022) and data privacy regulations (i.e. GDPR)
  • Azure security architecture, governance, and configuration
  • Advanced Entra ID identity governance and access control
  • Endpoint and cloud threat detection (Defender suite)
Job Responsibility
Job Responsibility
  • Design, implement, and maintain security controls across Azure, Entra ID, Microsoft 365, network, and endpoint environments
  • Develop and maintain secure configurations, baselines, and policy frameworks using Azure Policy, Intune compliance, and conditional access
  • Integrate and optimize security tools including Microsoft Defender suite, SIEM/SOAR platforms, cloud security posture management, and identity governance systems
  • Support the design and review of cloud architectures, including secure VNet design, firewalls/NSGs, Private Link, and hybrid connectivity
  • Implement key cloud security protections such as encryption, identity governance, privileged access control, and secure automation frameworks
  • Partner with Cloud Engineers to codify security controls using Infrastructure-as-Code (IaC)
  • Implement and manage identity governance: MFA, Conditional Access, PIM, RBAC, role lifecycle automation
  • Review, assess, and refine authentication and access control configurations
  • Conduct periodic privileged access audits and align identity practices with Zero Trust principles
  • Tune and enhance SIEM/Sentinel detections, automation, and response playbooks
What we offer
What we offer
  • Flexibility to work 100% remotely with no wasted commute time and travel costs
  • Position at a fast-paced international company with ambitious gaming, e-commerce, and tech clients
  • Diverse and inclusive culture with people from 80+ countries, speaking 25+ languages
  • Innovative digital tools, and continuous opportunities for learning and development
  • Access to Udemy Business for learning and development
  • Fun employee engagement activities and participation in 5CA employee-lead communities such as 5CA Connect, Pride, 5CA Gamers, Women of 5CA
  • Fulltime
Read More
Arrow Right

Information Security Engineer

The Information Security Engineer is responsible for designing, implementing, an...
Location
Location
Poland
Salary
Salary:
Not provided
5CA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in information security engineering, cloud security, or infrastructure security roles
  • Hands-on experience implementing security controls in Azure and Microsoft 365 ecosystems
  • Experience with Defender for Endpoint, Defender for Cloud, Defender for Identity, and Sentinel
  • Experience with secure cloud networking, identity governance, and Zero Trust principles
  • Experience supporting complex incident response investigations
  • Familiarity with ITIL processes (incident, change, problem)
  • Understanding of security frameworks (i.e. ISO 27001:2022) and data privacy regulations (i.e. GDPR)
  • Azure security architecture, governance, and configuration
  • Advanced Entra ID identity governance and access control
  • Endpoint and cloud threat detection (Defender suite)
Job Responsibility
Job Responsibility
  • Security Engineering & Control Implementation: Design, implement, and maintain security controls across Azure, Entra ID, Microsoft 365, network, and endpoint environments
  • Cloud & Infrastructure Security Architecture: Support the design and review of cloud architectures
  • Identity & Access Security (Entra ID & M365): Implement and manage identity governance
  • Security Monitoring & Threat Engineering: Tune and enhance SIEM/Sentinel detections, automation, and response playbooks
  • Incident Response & Digital Forensics Support: Serve as technical escalation during high-severity incidents
  • Vulnerability & Risk Management: Support vulnerability assessment programs across cloud, endpoints, and SaaS platforms
  • Compliance, Governance & ISO 27001 Alignment: Implement and maintain controls aligned with ISO 27001:2022 requirements
  • Automation, Scripting & Continuous Improvement: Build and maintain automation using PowerShell, Azure CLI, Logic Apps, and Functions
  • Collaboration & Knowledge Leadership: Work closely with Cloud, IT Support, Development, and Compliance teams
  • Ticket Resolution & Request Fulfilment: Respond to and resolve incidents and requests within the agreed SLAs
What we offer
What we offer
  • The flexibility to work 100% remotely with no wasted commute time and travel costs
  • A position at a fast-paced international company with ambitious gaming, e-commerce, and tech clients
  • A diverse and inclusive culture with people from 80+ countries, speaking 25+ languages
  • Innovative digital tools, and continuous opportunities for learning and development
  • Access to Udemy Business for learning and development
  • Fun employee engagement activities and participation in 5CA employee-lead communities
Read More
Arrow Right

Information Security Engineer

The Information Security Engineer is responsible for designing, implementing, an...
Location
Location
South Africa
Salary
Salary:
Not provided
5CA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in information security engineering, cloud security, or infrastructure security roles
  • Hands-on experience implementing security controls in Azure and Microsoft 365 ecosystems
  • Experience with Defender for Endpoint, Defender for Cloud, Defender for Identity, and Sentinel
  • Experience with secure cloud networking, identity governance, and Zero Trust principles
  • Experience supporting complex incident response investigations
  • Familiarity with ITIL processes (incident, change, problem)
  • Understanding of security frameworks (i.e. ISO 27001:2022) and data privacy regulations (i.e. GDPR)
  • Azure security architecture, governance, and configuration
  • Advanced Entra ID identity governance and access control
  • Endpoint and cloud threat detection (Defender suite)
Job Responsibility
Job Responsibility
  • Design, implement, and maintain security controls across Azure, Entra ID, Microsoft 365, network, and endpoint environments
  • Develop and maintain secure configurations, baselines, and policy frameworks using Azure Policy, Intune compliance, and conditional access
  • Integrate and optimize security tools including Microsoft Defender suite, SIEM/SOAR platforms, cloud security posture management, and identity governance systems
  • Support the design and review of cloud architectures, including secure VNet design, firewalls/NSGs, Private Link, and hybrid connectivity
  • Implement key cloud security protections such as encryption, identity governance, privileged access control, and secure automation frameworks
  • Partner with Cloud Engineers to codify security controls using Infrastructure-as-Code (IaC)
  • Implement and manage identity governance: MFA, Conditional Access, PIM, RBAC, role lifecycle automation
  • Review, assess, and refine authentication and access control configurations
  • Conduct periodic privileged access audits and align identity practices with Zero Trust principles
  • Tune and enhance SIEM/Sentinel detections, automation, and response playbooks
What we offer
What we offer
  • The flexibility to work 100% remotely with no wasted commute time and travel costs
  • A position at a fast-paced international company with ambitious gaming, e-commerce, and tech clients
  • A diverse and inclusive culture with people from 80+ countries, speaking 25+ languages
  • Innovative digital tools, and continuous opportunities for learning and development
  • Access to Udemy Business for learning and development
  • Fun employee engagement activities and participation in 5CA employee-lead communities
  • Fulltime
Read More
Arrow Right

Information Security Engineer

The Information Security Engineer is responsible for designing, implementing, an...
Location
Location
Serbia , Belgrade
Salary
Salary:
Not provided
5CA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in information security engineering, cloud security, or infrastructure security roles
  • Hands-on experience implementing security controls in Azure and Microsoft 365 ecosystems
  • Experience with Defender for Endpoint, Defender for Cloud, Defender for Identity, and Sentinel
  • Experience with secure cloud networking, identity governance, and Zero Trust principles
  • Experience supporting complex incident response investigations
  • Familiarity with ITIL processes (incident, change, problem)
  • Understanding of security frameworks (i.e. ISO 27001:2022) and data privacy regulations (i.e. GDPR)
  • Azure security architecture, governance, and configuration
  • Advanced Entra ID identity governance and access control
  • Endpoint and cloud threat detection (Defender suite)
Job Responsibility
Job Responsibility
  • Design, implement, and maintain security controls across Azure, Entra ID, Microsoft 365, network, and endpoint environments
  • Develop and maintain secure configurations, baselines, and policy frameworks using Azure Policy, Intune compliance, and conditional access
  • Integrate and optimize security tools including Microsoft Defender suite, SIEM/SOAR platforms, cloud security posture management, and identity governance systems
  • Support the design and review of cloud architectures, including secure VNet design, firewalls/NSGs, Private Link, and hybrid connectivity
  • Implement key cloud security protections such as encryption, identity governance, privileged access control, and secure automation frameworks
  • Partner with Cloud Engineers to codify security controls using Infrastructure-as-Code (IaC)
  • Implement and manage identity governance: MFA, Conditional Access, PIM, RBAC, role lifecycle automation
  • Review, assess, and refine authentication and access control configurations
  • Conduct periodic privileged access audits and align identity practices with Zero Trust principles
  • Tune and enhance SIEM/Sentinel detections, automation, and response playbooks
What we offer
What we offer
  • Flexibility to work 100% remotely
  • Position at a fast-paced international company with ambitious gaming, e-commerce, and tech clients
  • Diverse and inclusive culture with people from 80+ countries, speaking 25+ languages
  • Innovative digital tools, and continuous opportunities for learning and development
  • Access to Udemy Business for learning and development
  • Fun employee engagement activities and participation in 5CA employee-lead communities
  • Fulltime
Read More
Arrow Right

Information Security Engineer

We’re looking for a hands-on Information Security Engineer who enjoys keeping sy...
Location
Location
United States , Portland
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8 years of experience in security engineering, operations, or GRC
  • Strong grasp of security principles and frameworks (NIST, CIS, ISO 27001, SOC 2)
  • Experience securing Windows and/or Linux environments
  • Comfortable in a small team where you wear multiple (secure) hats
  • Bachelor’s degree or equivalent experience
  • security certs are a plus
Job Responsibility
Job Responsibility
  • Harden systems, patch vulnerabilities, and keep configurations secure
  • Monitor logs and alerts, respond to incidents, and investigate “that looks suspicious” moments
  • Manage security tools (SIEM, endpoint protection, vulnerability scanners)
  • Assess security impact of system changes before they become problems
  • Support risk assessments, audits, and compliance efforts
  • Create and maintain security policies, documentation, and metrics
What we offer
What we offer
  • medical, vision, dental, and life and disability insurance
  • 401(k) plan
  • Fulltime
Read More
Arrow Right

Information Security Engineer

We are seeking a highly skilled Information Security Engineer to lead the develo...
Location
Location
Philippines , Makati City
Salary
Salary:
Not provided
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of progressive experience in information security roles, preferably with exposure across application, cloud, and infrastructure domains
  • Bachelor's Degree in Computer Science, Information Technology, Software Engineering, Computer Engineering, Electronics Engineering, or related field
  • Experience in managing and securing cloud platforms
  • Hands-on experience with security tools including EDR, DLP, email security, vulnerability scanners, and SIEM
  • Working knowledge of secure SDLC practices, application security testing, and DevSecOps integration
  • Experience with identity and access management (IAM), conditional access, and zero trust architecture
  • Intermediate background in incident response, and threat modeling methodologies (STRIDE, MITRE ATT&CK, etc.)
  • Familiarity with regulatory and compliance standards (e.g., NIST, ISO 27001, GDPR, SOC 2, PCI-DSS)
  • Excellent communication and collaboration skills
  • ability to work across technical and non-technical teams
Job Responsibility
Job Responsibility
  • Implement secure SDLC initiatives by integrating security into design, development, and deployment workflows
  • Conduct threat modeling for both applications and infrastructure to identify and mitigate risks early in the lifecycle
  • Secure cloud platforms, including identity controls, configuration hardening, and policy enforcement
  • Assess and secure financial web applications hosted in AWS through code reviews, penetration testing coordination, and architecture reviews
  • Operate and monitor key security platforms such as EDR/XDR solutions, DLP solutions across endpoints, cloud, and email, Email Security Solutions
  • Ensure proper tuning, coverage, and integration of security tools with enterprise IT systems and logging pipelines
  • Participate in day-to-day security monitoring using SIEM, EDR/XDR, and other detection platforms to augment the SOC team when required
  • Assist in configuring and tuning monitoring tools for optimal detection coverage
  • Collaborate with different teams to investigate security alerts and incidents
  • Support incident response activities, including triage, containment, and remediation efforts
  • Fulltime
Read More
Arrow Right