As a bank that bases many of its mid and senior-level managers in Singapore, Standard Chartered is often a bellwether for the local job market. If SCB is hiring in a particular function, other firms probably are too. This is certainly the case in cyber security in 2021. Stan Chart has made a string of senior Singapore-based security hires over the past few months, and other banks are also recruiting.
In January, Stan Chart appointed Singtel cyber security chief David McLinton as global head of operations, information and cyber security. Lavy Shtokhamer, the head of Israel’s cyber emergency response team, also joined to lead Stan Chart’s cyber defense centre. In February, the bank hired Jerome Walter from VMware as chief information security officer for digital ventures. Last month, Emilie Wolff Nguyen, PwC’s Singapore head of internal information security, moved to SCB as head of tech and cyber security, business risk, according to her LinkedIn profile.
Stan Chart currently has more than 12 cyber security-related roles on its careers website, including a head of cyber security advisory and DevSecOps. Its recruitment reflects a wider rise in demand for cyber security jobs in Singapore this year, with firms such as Citi, DBS, OCBC and UOB among those hiring. UOB’s tech recruitment drive in 2021 involves adding people to its cyber team, Susan Hwee, head of group technology and operations, told us earlier this year. DBS currently has 10 cyber security vacancies.
A senior cyber security manager at a global bank, who is currently recruiting, says demand for talent is “very strong” across the finance sector. However, he wants to hire people who can “convey complex topics in a way that senior executives can understand”, and he’s struggling to find these candidates. “It’s hard to recruit people who are technical enough to understand the intricacies of cyber security and can still articulate information to execs,” he adds.
Cyber security vacancies in Singapore take 12 weeks to fill on average, the second longest timeframe of any function in the banking sector, according to our March survey of recruitment firms’ hiring times. Skill shortages also mean that the cost of hiring people is now “huge”, with 20% to 35% salary rises on offer, says the cyber security boss.
As Stan Chart’s hiring of McLinton, Shtokhamer, and Walter suggests, banks in Singapore are open to recruiting cyber professionals from outside of the finance sector. “I look for experts with a governance background, but I also need specialist cyber skills. Someone trustworthy is important because a lot of cyber experts are ‘underground’ and frankly, they don’t work well in highly governed environments like banks,” says the cyber security manager.
Talent shortages in cyber are most extreme at the mid to senior level, and in sought-after roles such as cloud security, DevSecOps, application security, red teaming and security engineering, says Chen Yi Ooi, a senior technology consultant at Kerry Consulting. “As cyber breaches get more sophisticated, cyber security roles are also evolving to become more technical. But there’s simply not enough talent with the required skillsets to fulfill demand,” she adds.
Many cyber security candidates in Singapore are now receiving multiple job offers. “Banks that aren’t able to offer the best compensation or the latest technology tend to lose out, which further widens the skillset gap between the top firms and the rest of the industry, who are still trying to catch up,” says Ooi.
As in other markets, cyber security recruitment in Singapore has been boosted by the shift to remote working during the pandemic, which has exposed banks to more infrastructure, website, network, and cloud vulnerabilities, says Marie Tay, managing director of The Resolute Hunter.
Have a confidential story, tip, or comment you’d like to share? Email: email@example.com or Telegram: @simonmortlock. You can also follow me on LinkedIn.