Cybersecurity Consultant/Mgr (Cybersecurity Governance and Risk Assessment), SCD

The Safer Cyberspace Division in CSA focuses on building national cyber resilience of organisations in Singapore. The division develops and manages national cybersecurity technology initiatives under the SG Cyber Safe programme, in order to enable a safer cyberspace. Examples of programmes which the division has rolled out include the CSA Cyber Essentials and Cyber Trust mark, which are published as national cybersecurity standards in Singapore. The target segment of the division are non-Critical Information Infrastructure (CII) organisations in Singapore, and these can range from large or significant organisations of special interest to Small and Medium Enterprises (SMEs), which form 99% of Singapore’s economy.

We are looking for a candidate to oversee the governance and risk assessment of large or significant organisations that may be subject to cybersecurity requirements under CSA’s legislative framework. The key areas of responsibilities are as follows:• Manage the governance of organisations that may be subject to cybersecurity requirements under CSA’s legislative framework• Review and evaluate cybersecurity risk assessments submitted by organisations that are subject to cybersecurity requirements under CSA’s legislative framework• Manage cybersecurity incident reporting from organisations that are subject to cybersecurity requirements under CSA’s legislative framework• Manage engagements with such organisations, where relevant, as part of overall account management of these organisations• Develop and manage cybersecurity technology programmes that address the cybersecurity challenges or gaps of organisations that are subject to cybersecurity requirements under CSA’s legislative framework• Before a programme is rolled out: At the conceptualisation stage, responsibilities would involve performing landscape scans and analysis to identify shifts or trends in the cybersecurity landscape, and corresponding gaps in the cybersecurity posture of non-CII enterprises to steer the direction of programmes developed• After a programme is rolled out: Drive and develop levers to support programme adoption – this can include the use of incentives or policy levers• Examples of programmes which the division has rolled out include CSA’s Cyber Essentials and Cyber Trust mark, which are published as national cybersecurity standards in Singapore

Requirements• Background in Computer Science, Cybersecurity, Engineering, Infocomm Technology, or a related field• At least 2 years’ experience in a job function involving cybersecurity risk management – Experience in certification frameworks, such as ISO/IEC 27001 is an advantage• Experience in Chief Information Security Officer (CISO) functions in organisations is an advantage• Strong analytical, investigative and communication skills, both verbal and written• Strong interpersonal and stakeholder management skills• Interest in keeping abreast of regulatory changes and development, as well as cybersecurity risk management frameworks and methodologyNote: CSA will be shifting to Punggol Digital District (PDD) in year 2026

About the Cyber Security Agency of SingaporeEstablished in 2015, the Cyber Security Agency of Singapore (CSA) seeks to keep Singapore’s cyberspace safe and secure to underpin our Nation Security, power a Digital Economy and protect our Digital Way of Life. It maintains an oversight of national cybersecurity functions and works with sector leads to protect Singapore’s Critical Information Infrastructure. CSA also engages with various stakeholders to heighten cyber security awareness, build a vibrant cybersecurity ecosystem supported by a robust workforce, pursue international partnerships and drive regional cybersecurity capacity building programmes. CSA is part of the Prime Minister’s Office and is managed by the Ministry of Digital Development and Information. For more news and information, please visit www.csa.gov.sg