Agency Chief Information Security Officer (Singaporean Only)*
Jobscentral
Singapore
USD 80,000 - 120,000
Job description
Responsibilities
- Produce cyber security strategies and work plan, policies, standards and guidelines
- Support digitalisation planning and aligning with ICT security strategy goals and policy baselines.
- Perform regular Gap analysis.
- Oversee ICT security matters (approving and tracking ICT security work plan and resourcing, monitoring performance in security indicators and risk acceptance decisions).
- Regular reviews of all ICT systems across different operating environments, the systems security design, implementation and operations.
- Conduct Cybersecurity risk assessment and acceptance processes at the management level.
- Review, consult and endorse risk management and mitigation plans from project teams.
- Advise on cyber security solutions and technologies to be deployed suitable to business operations and aligned with WOG-wide advisories and practices.
- Ensure compliance to the defined security policies, standards and guidelines.
- Create and execute end user security awareness programmes
- Establish defined processes for Threat and Incident Management.
- Ownership of security incident response workshops and exercises (table-top exercises, simulation and drills)
- Lead investigation and management of ICT security incidents.
- Degree in Computer Science, Information Systems, Engineering or a related Technology based education.
- Minimum 5 years of information security management experience
- Skilled in evaluating the effectiveness of existing controls and recommending appropriate mitigation strategies for on-premises and cloud-related cybersecurity and data security issues.
- Able to identify on-premises and cloud-specific cybersecurity risks and threats as well as potential violations in on-premises or cloud environments
- Able to collaborate with multi-functional, multi-disciplined teams to formulate, institute real time awareness of security posture and baseline among end users.
- Demonstrate skills to thoroughly assess cybersecurity risks/threats impact
- Solid grasp of ICT operations, security policies, business processes and the relationship between them.
- Knowledge or experience in Infrastructure as Code (IaC) tools such as Terraform and Ansible, including their application in maintaining and automating secure on-premises and cloud environments.
- Strong understanding of insider threats, vendor risks, data leakage, malwares including ransomware, account hijacking, and compliance risks.
- Strong understanding of compliance requirements
- Good interpersonal and partner/ executive leadership skills.
- CISSP/ CISM/ CISA certifications are advantageous.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Land a better
job faster
job faster
