Career Opportunities

Information Security Officer

Singapore, SG Full-Time Technology

Role Summary

The Information Security Officer will work alongside the Head of Information Security to lead and report on security programs across Marex entities in the APAC region. The primary responsibility is to ensure consistent application and adherence to the Group’s information security policies and local regulations, as well as assistance in security operations tasks.

The role requires an experienced security professional capable of managing a wide range of tasks, including access management audits, third-party security assessments, and participation in formal management committees while at the same time has hands-on experience and understanding of security operations and incident response procedures.

Ability to effectively manage multiple stakeholders and priorities, as well as wide security knowledge and expertise, are key to be successful in this position.

** Singapore Citizens and Permanent Residents ONLY.

Overview

Marex has unique access across markets with significant share globally both on and off exchange. The depth of knowledge amongst its teams and divisions provides its customers with clear advantage, and its technology-led service provides access to all major exchanges, order-flow management via screen, voice and DMA, plus award-winning data, insights and analytics.

The Technology Department delivers differentiation, scalability and security for the business. Reporting to the COO, Technology provides digital tools, software services and infrastructure globally to all business groups. Software development and support teams work in agile ‘streams’ aligned to specific business areas. Our other teams work enterprise-wide to provide critical services including our global service desk, network and system infrastructure, IT operations, security, enterprise architecture and design.
The Information Security team reports to the CTO and is responsible for protecting Marex data and assets, as well as providing security advice. The team is relatively small; therefore, its members have a chance to experience various areas of security.

Responsibilities

  • Working with APAC regulators and agencies, such as SFC and MAS
  • Coordination and participation in external and internal audits
  • Maintenance of local Information Systems Security Policy (ISSP) and related controls
  • Conducting risk assessments in accordance with Marex policies, regulatory requirements, and recognized security frameworks
  • Ensuring effective protection of Marex data
  • Conducting security reviews of third party vendors and suppliers
  • Providing expert security guidance and direction at both technical and managerial levels.
  • Technical point of contact for security related matters
  • Developing and documenting security standards and procedures
  • Responding and investigating security incidents and exceptions
  • Providing relevant KPI and KRI metrics
  • Participating in Group activities such as penetration testing, privileged access monitoring, access reviews, and Data Loss Prevention
  • Provide management, leadership and mentoring to junior officers.
  • Adhere to the operational risk framework for your role ensuring that all regulatory or company determined parameters are complied with.
  • Role model for demonstrating highest level standards of integrity and conduct and reflecting Company Values.
  • At all times comply with the Marex’s Code of Conduct
  • Ensure that you are fully aware of and adhere to internal policies that relate to you, your role or any other activities for which you have any level of responsibility.
  • Report any breaches of policy to Compliance and/ or your supervisor as required.
  • Escalate risk events immediately.
  • Provide input to risk management processes, as required.

Skills and Experience

  • Essential:
    • A minimum of 5 years of experience in the field of Information Security.
    • Demonstrated ability to successfully lead and manage information security programs.
    • Understanding APAC financial regulatory landscape and requirement.
    • Proficiency in managing interactions with regulatory bodies and audit entities.
    • Comprehensive knowledge and expertise across multiple security domains.
    • Excellent communication skills, with the ability to effectively engage with stakeholders, regulators, and auditors.
    • Strong presentation skills: ability to effectively communicate complex information and ideas to a variety of audiences, using clear and concise language, visual aids, and engaging delivery techniques.
    • Excellent verbal and written communication skills
  • Competencies:
    • A collaborative team player, approachable, self-efficient and influences a positive work environment
    • Demonstrates curiosity
    • Resilient in a challenging, fast-paced environment
    • Ability to take a high level of responsibility in a fast pace and high-volume environment
    • Excels at building relationships, networking and influencing others
    • Strategic collaborator with insight and agility, able to anticipate future challenges, ensuring operational effectiveness