Cybersecurity & Governance Senior Manager (CISO) - #1125677

• Identify and evaluate emerging technologies and the cybersecurity risk to the technologies for IT (Information Technology), OT (Operational Technology), Data, AI (Artificial Intelligence) and IoT (Internet-of-Things).

• Provide direction and guidance to the development of enterprise-wide cybersecurity programs which includes for both IT & OT & Data.

• Plan and implement the strategy for the deployment of well-known cybersecurity framework, policies and procedures.

• Good understanding on the overall architecture setup (both software & hardware) in the company to determine the measures to be put in placed through a threat informed approach

• Provide guidance on risk assessments and policy deviations

• Evaluate the organization’s cybersecurity risk posture

• Direct strategy for Systems Recovery

• Continuous analysis of the evolving threat landscape and provide strategic direction in enhancing the cybersecurity posture of the organization

• Identify, report and control incident.

• Develop early detection, incident response and escalation framework.

• Regular updates to senior leadership and be aware of the threat landscape

• Evaluation of technologies and processes to support above functions.

• Participate in the global cybersecurity community to monitor threats, share experience and knowledge.

• Lead, motivate and build up the team competency on implementation of projects, analysis of threats and vendor management

• Develop program to ensure staff are equip with the latest knowhow in this fast-evolving field.

• Strategize and provide guidance to develop awareness programme, uplifting the enterprise wide cyber hygiene of all staff.

• Provide direction and guidance to develop Governance framework and programme.

• Interface with JTC/MPA/CSA for all cyber and governance matters.

• Accountable on the due diligence with applicable laws and regulatory requirements and policies.

• Provide guidance to IT project teams on security & governance requirements

• Regular updates to board of directors, senior leadership team and stakeholders though steering committee meeting etc.

Educational Qualifications:

• Degree in Computer Science, Computer Engineering, Electrical Engineering or other relevant field of study.

• Cyber Security related qualifications such as CISA, CISSP, CISM, CRISC, GIAC will be an advantage.

Relevant Experiences:

• Minimum 15 years of relevant working experience

• Minimum 10 years of relevant working experience in managing a highly skilled team.

• Well verse in Security Standards such ISO27001 and NIST etc.

• Good understanding of IT Governance, Project Management and Methodologies

• Good understand of various regulation/laws related to cybersecurity such as Cybersecurity Act 2018 (and CCoP 2.0), Singapore's Personal Data Protection Act (PDPA)

• Well verse in MITRE ATT&CK & D3FEND framework

• Technical hands-on expertise and well verse in Security related products Firewalls, IDS/IPS, AV, IAM, PAM, VMS, WAF, SIEM and PKI are preferred

• Able to explain technical ideas to non-technical audience such as Senior Management and other Internal Stakeholders

Personal Characteristics:

• Inquisitive and keen to learn emerging technology and evolving threats.

• Attention to details.

• Able to work under pressure and handle multiple projects/assignments concurrently.

• Able to make timely decision with limited information/uncertainty

• Good communication and stakeholder management skills

• Highly resourceful individual who possess strong analytical skills

• Excellent interpersonal skills and willingness to perform hands-on technical work

• Able to lead and can be a team player as well.