NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region. 

As a Senior IT Security Practitioner with expertise in Governance, Risk, and Compliance (GRC) and strong Service Delivery Management experience, the ideal candidate will oversee the effective delivery of IT Security services and governance initiatives, ensuring adherence to SLAs, financial accountability, stakeholder satisfaction, and continuous improvement of service quality.

This role requires a strategic leader who can balance operational excellence with security governance and risk management, driving both compliance and client satisfaction across multiple teams.

What will you do?

Governance

• Develop and maintain IT security governance frameworks ensuring alignment with business objectives and compliance requirements.
• Create, implement, and manage security policies, standards, and procedures in line with industry best practices and regulatory requirements.
• Oversee the execution of a comprehensive governance strategy that ensures effective risk management and protection of organizational assets.

Risk Management

• Lead risk assessments and evaluations to identify, assess, and mitigate security risks across the organization’s IT systems and infrastructure.
• Conduct risk and vulnerability assessments and provide actionable recommendations for mitigation.
• Collaborate with business units and third parties to manage vendor and operational risks.

Compliance

• Ensure ongoing compliance with relevant laws, regulations, and standards by conducting periodic audits and assessments.
• Coordinate with internal and external auditors to manage audit readiness, documentation, and remediation.
• Stay current with regulatory and industry developments and update governance frameworks accordingly.

Service Delivery Management

• Manage the day-to-day delivery of IT security and governance services across multiple client environments, ensuring service quality and performance against defined SLAs and KPIs.
• Oversee financial management of service contracts, including budgeting, forecasting, and cost optimization to ensure profitability and operational efficiency.
• Drive continuous improvement initiatives in service delivery through performance reviews, trend analysis, and feedback from key stakeholders.
• Ensure timely and accurate reporting of service performance, risks, and deliverables to management and clients.
• Develop and maintain strong stakeholder relationships with clients, internal teams, and vendors to ensure expectations are met and issues are promptly resolved.
• Coordinate cross-functional collaboration among SOC, Governance, and Managed Security Device teams to deliver unified and seamless service outcomes.

Leadership & Strategy

• Mentor and guide team members across governance, risk, and service delivery functions.
• Support strategic decision-making by providing insights on operational performance, risk exposure, and client satisfaction.
• Lead or participate in cross-functional initiatives aimed at enhancing service delivery and security posture.

Continuous Improvement

• Regularly evaluate service performance, governance practices, and compliance posture to identify opportunities for enhancement.
• Stay updated on emerging threats, technologies, and security trends to adapt service delivery strategies accordingly.

The ideal candidate should possess:

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related field.
• 10+ years of experience in IT security, including at least 3 years in a Service Delivery or Operations Management capacity.
• Strong understanding of ITIL processes and security frameworks such as NIST CSF, ISO 27001, and COBIT.
• Proven track record in managing SLAs, budgets, and client relationships.
• CISSP, CISM, CRISC, CISA, ISO 27001 Lead Implementer/Auditor, ITIL Expert/Intermediate.
• Strong knowledge of GRC tools, risk management platforms, and ITSM systems.
• Understanding of cloud and infrastructure security controls, SIEM, and vulnerability management.
• Ability to interpret security metrics and translate them into actionable operational improvements.

Key Competencies:

• Leadership & Collaboration: Ability to unify diverse teams (GRC, SOC, Managed Security) toward shared objectives.
• Service Excellence: Strong focus on SLA adherence, deliverables, and client satisfaction.
• Analytical Thinking: Skilled in data-driven decision-making and performance improvement.
• Financial Acumen: Competent in cost management and service profitability tracking.
• Communication: Effective stakeholder communication at all levels of the organization.

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.  

Together, we make the extraordinary happen.  

Learn more about us at ncs.co and visit our LinkedIn career site.