Cybersecurity & Governance Senior Manager (CISO)

Identify and evaluate emerging technologies and the cybersecurity risk to the technologies for IT (Information Technology), OT (Operational Technology), Data, AI (Artificial Intelligence) and IoT (Internet-of-Things).

Provide direction and guidance to the development of enterprise-wide cybersecurity programs which includes for both IT & OT & Data.

Plan and implement the strategy for the deployment of well-known cybersecurity framework, policies and procedures.

Good understanding on the overall architecture setup (both software & hardware) in the company to determine the measures to be put in placed through a threat informed approach

Provide guidance on risk assessments and policy deviations

Evaluate the organization’s cybersecurity risk posture

Direct strategy for Systems Recovery

Continuous analysis of the evolving threat landscape and provide strategic direction in enhancing the cybersecurity posture of the organization

Identify, report and control incident.

Develop early detection, incident response and escalation framework.

Regular updates to senior leadership and be aware of the threat landscape

Evaluation of technologies and processes to support above functions.

Participate in the global cybersecurity community to monitor threats, share experience and knowledge.

Lead, motivate and build up the team competency on implementation of projects, analysis of threats and vendor management

Develop program to ensure staff are equip with the latest knowhow in this fast-evolving field.

Strategize and provide guidance to develop awareness programme, uplifting the enterprise wide cyber hygiene of all staff.

Provide direction and guidance to develop Governance framework and programme.

Interface with JTC/MPA/CSA for all cyber and governance matters.

Accountable on the due diligence with applicable laws and regulatory requirements and policies.

Provide guidance to IT project teams on security & governance requirements

Regular updates to board of directors, senior leadership team and stakeholders though steering committee meeting etc.

Degree in Computer Science, Computer Engineering, Electrical Engineering or other relevant field of study.

Cyber Security related qualifications such as CISA, CISSP, CISM, CRISC, GIAC will be an advantage.

Minimum 15 years of relevant working experience

Minimum 10 years of relevant working experience in managing a highly skilled team.

Well verse in Security Standards such ISO27001 and NIST etc.

Good understanding of IT Governance, Project Management and Methodologies

Good understand of various regulation/laws related to cybersecurity such as Cybersecurity Act 2018 (and CCoP 2.0), Singapore's Personal Data Protection Act (PDPA)

Well verse in MITRE ATT&CK & D3FEND framework

Technical hands-on expertise and well verse in Security related products Firewalls, IDS/IPS, AV, IAM, PAM, VMS, WAF, SIEM and PKI are preferred

Able to explain technical ideas to non-technical audience such as Senior Management and other Internal Stakeholders

Inquisitive and keen to learn emerging technology and evolving threats.

Attention to details.

Able to work under pressure and handle multiple projects/assignments concurrently.

Able to make timely decision with limited information/uncertainty

Good communication and stakeholder management skills

Highly resourceful individual who possess strong analytical skills

Excellent interpersonal skills and willingness to perform hands-on technical work

Able to lead and can be a team player as well.