Skip Navigation

Thales Careers

Search our jobs, use specific search options to find the perfect match


Chief information Security Officer Asia

Job ID: R0141957 Location: Singapore, , Singapore
Regular Employment, Full time
Location: Singapore, Singapore

In fast changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security and space, our architects design innovative solutions that make our tomorrow's possible.

Thales established its presence in Singapore in 1973 to support the expansion of aerospace-related activities in the Asia-Pacific region. Throughout the last four decades, the company grew from strength to strength and is today involved in the primary businesses of Aerospace (including Air Traffic Management), Defence & Security, Ground Transportation and Digital Identity & Security. Thales today employs over 2,100 people in Singapore across all its business areas.

The Asia CISO is responsible for all aspects of information security and cyber security across all of IS/IT including; developing and maintaining a robust security strategy with solid security policies; protocols and procedures across enterprise security architecture, security operations centre, data centre security, and network security including cloud and applications security with appropriate security measures and initiatives.

This role also advises senior leaders and other stakeholders on the further development, implementation and management of a Global/regional/country-wide IT security infrastructure that contains appropriate control objectives for system integrity, availability, reliability, resilience, confidentiality and assurance to company, industry and international standards



Develop and maintain in association with the organization's Information Security team, the information security policies, standards and procedures. Ensure that company policies support external requirement. Oversee the diffusion of policies, standards and procedure to user community.

Education, training and awareness:

Coordinate/develop an education and training program on information security. Provide direct information security training to the workforce. Initiates, facilitates, and promotes activities to foster information security awareness within the organization.

Compliance and enforcement:

Monitors compliance with the organization's security policies, standards and procedures among employees, contractors, alliances and other third parties and takes corrective actions

Incident response:

Develop and implement an incident reporting and response system to address security incidents, respond to alleged policy violation or complain by third party. Work with company and GBU/CBU SOCs

Risk assessment and risk prevention:

Performs information security risk analysis and periodic information system activity reviews for information security processes (company security audit framework) and provide/recommend remediation roadmap.

Official contact:

Serve as focal point on Information Security matter with counterparts within the group and external parties

Maintain knowledge base:

Keep abreast of latest security, privacy legislation and advisory alerts pertaining to the company and group. Serves as an internal information security consultant to the organization

Emergency preparedness:

Coordinates the development of the organizations disaster recovery and business continuity plans for information systems, and tests readiness


Knowledge, Skills and Abilities

  • Demonstrated consultative approach to driving change and deploying controls
  • Knowledge of technological trends and developments in the area of information security and risk management
  • Knowledge of firewalls, anti-virus, intrusion detection/intrusion prevention systems, virtual private networks, remote access systems, network zoning, centralized monitoring, and application scanning
  • Knowledge of information security and risk control frameworks such as COBiT, ISO 27001, ITIL, and ISO 31000 is a must
  • Knowledge of business continuity and IT disaster recovery frameworks such as ISO 22301 and ISO 27031 is preferred
  • Demonstrated ability to work effectively with a team, delivering high performance and customer satisfaction, in a culturally diverse, matrix management environments
  • Strong facilitation skills and a clear ability to build strong
  • Able to travel within the Asia region

Education, Experience and Language Skills

  • Bachelor's degree in related field required, advanced degree is a plus
  • Holding a senior leadership role in information/cyber security for minimum of 5 years
  • A minimum of 10 years of experience on managing information risk and security programs
  • Professional certification, such as CISSP, CISM, CISA, CRISC, or other information security credentials, is preferred
  • Experience with carefully managing budgets to deliver demonstrable value
  • Extensive experience in information security architecture, consultative stakeholder management, and strategic planning
  • Experience with classified networks, information classification, and confidentiality requirements associated with high security environments
  • Excellent written and verbal English communications and ability to articulate complex technical ideas to non-technical stakeholders. Knowledge of other languages is an advantage

At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!

< Go Back to results

About our location

Singapore, Singapore