Job Description
Marina Bay Sands is the definitive destination for business, leisure, and entertainment in Asia. We are seeking a highly skilled and motivated Senior Analyst, Vulnerability & Cyber Risk Management to join our world-class cybersecurity team. In this pivotal role, you will be responsible for safeguarding the integrity and confidentiality of our extensive digital ecosystem. You will lead the charge in identifying, assessing, and mitigating vulnerabilities across our complex network infrastructure, critical applications, and cloud platforms.
As a key member of the Information Security division, you will manage the full lifecycle of vulnerability management, from automated scanning and manual penetration testing to detailed risk analysis and remediation guidance. You will work closely with cross-functional teams to develop and enforce robust security policies, standards, and procedures aligned with industry frameworks such as NIST and ISO 27001. Your insights will directly inform executive decision-making through comprehensive risk reporting and dashboards.
This role offers a unique opportunity to apply your cybersecurity expertise in a dynamic, high-stakes environment where security directly impacts business continuity and the guest experience. You will be challenged by a diverse technology stack including hybrid cloud environments, IoT devices, and intricate payment systems. We are looking for a proactive leader who can not only identify technical risks but also communicate them effectively to drive organizational resilience. If you are ready to elevate your career and protect one of the world's most iconic brands, we encourage you to apply.
Note: Salary is estimated based on industry standards for a senior role in this sector and location.
Responsibilities
- Lead and execute comprehensive vulnerability assessments and penetration tests across network, application, and cloud environments.
- Manage the complete vulnerability management lifecycle: detection, classification, prioritization, remediation tracking, and validation.
- Develop and maintain the enterprise Cyber Risk Management framework, policies, and standards in alignment with NIST and ISO 27001.
- Conduct detailed risk assessments for new initiatives, technology deployments, and third-party engagements.
- Create and present risk dashboards and executive reports to communicate technical risks in a business context.
- Collaborate with IT operations and engineering teams to devise and implement effective remediation plans.
- Threat model and analyze emerging vulnerabilities and exploits to proactively protect the organization's assets.
- Support and enhance incident response capabilities with deep technical expertise in vulnerability exploitation.
Qualifications
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline.
- Minimum of 5+ years of progressive experience in Vulnerability Management, Penetration Testing, or Cyber Risk Analysis.
- Industry-recognized certifications such as CISSP, OSCP, CEH, GPEN, or CRISC are strongly preferred.
- Expert-level proficiency with leading vulnerability management platforms (e.g., Qualys, Tenable, Rapid7) and manual testing methodologies.
- In-depth knowledge of network security, operating system hardening, web application security (OWASP Top 10), and cloud security (AWS/Azure).
- Strong understanding of regulatory requirements and compliance standards relevant to the hospitality and gaming industry.
- Excellent communication and stakeholder management skills, with the ability to translate complex technical issues for non-technical audiences.
- Proven track record of leading security improvements and driving a culture of security awareness within an organization.