Cyber Security Manager (East/Healthcare/up to S$ 9k) (ID: 660076)

Our client, a well-known MNC company is looking for candidates for theAssistant Manager, Regional CyberSecurityposition.

Responsibilities: -

• Strategise, Lead, Drive and Manage Cybersecurity ISO accreditation program for Asia Pacific

  • Lead, drive and manage all applicable Cybersecurity ISO implementations and re-certification operations.

  • Develop ISO security design, accreditation framework, and review processes.

  • Perform gap assessment and develop ISO roadmap for accreditation and/or re-certification.

  • Develop policies, standards, procedures, and operational processes to meet the developed ISO roadmap.

  • Effectively manage the security ISO roadmap based on approved Strategic goals, prioritising across tactical and strategic goals, and align business needs and technical priorities.

  • Collaborate with Company CSIRT, PSIRT and Enterprise Risk Management teams to achieve the requirements of security ISO accreditation.

  • Deliver expert level security ISO advisory to internal stakeholders to secure ISO investments.

• Establish and operationalise cybersecurity ISO compliance and recertification:

  • Work with global and regional stakeholders to align SOPs and QPs that achieve compliance to Group/Region Cybersecurity ISO program, policies, standards and framework.

  • Collaborate with various internal company teams such as Corporate IT, Business Applications, Product and Services R&D, Marketing and Customer services teams to achieve security ISO re-certifications.

  • Provide timely management reporting to relevant Regional/Group Risk Management Committee.

  • Prepare and present CAPEX and OPEX budget for security ISO accreditation/re-accreditation and operations in the region.

• Continuous improvements to cybersecurity stance of AP operation:

  • Establish continous improvements to Company’s security ISO including but not limited to identifying new ISO standards that better support the Company’s business objectives.

  • Establish continuous improvements to Company’s cybersecurity monitoring.

  • Establish continuous improvements to Company’s staff cybersecurity knowledge including but not limited to training and identify potential cybersecurity breaches.

  • Establish process to work with business stakeholders to continuously update SOPs and QPs to response to new risk areas and potential breaches.

• Support business in response to customers’ cybersecurity requirements:

  • Review tender requirements of customers’ as provided by sales teams and:

  • Highlight areas of out of company’s controls

  • Highlight risk areas for company to consider countermeasures.

  • Bring highlighted risk areas and their respective countermeasures back into cybersecurity stance and operation requirements.

• Manage cybersecurity incidents response and resolution:

  • Supporting the Regional Information Security Manager, manage cybersecurity incidents response with close collaboration with cybersecurity experts, internal IT and vendors, to achieve on-target, and timely triage and resolution of cybersecurity incidents in the region, in accordance to global/regional policies.

Requirements:

• Tertiary Education in any discipline, preferably in Cybersecurity, Computer Science, Computer Technology, medical or healthcare-related degree (or equivalent proven knowledge with work experience in cybersecurity domain)

• Recent 8-15 years of working experience in Cybersecurity or ISO accreditation in medical or healthcare-related industry, with IT and/or Product Cybersecurity program

• At least 2 recent successful hands-on experience in ISO 27001:2022, and/or ISO 81001 implementations; and at least 1 successful hands-on experience in re-certification experience in ISO 27001 and/or ISO 81001 programs.

• Technically competent and have prior project/program implementation experiences in the Cybersecurity domain such as:

  • Expert knowledge in the latest ISO 27001, ISO 81001, and NIST Cybersecurity framework

  • Cybersecurity Strategy and Roadmap formulation

  • Cybersecurity Framework, Policies, SOP formulation and enforcement

  • Cybersecurity Program and Project Management

  • Cyber Risk Assessment and Governance Management

  • Cyber Incident Response Management

  • Cyber Awareness and Training

  • Cyber Vulnerability Assessment and Penetration Testing

  • Cyber Prevention

  • Technical Security of Enterprise Systems and Networks

  • Technical Security of Medical Devices

  • Experience in security domains in Data Centre design, Microsoft Azure, AWS and DevOps

• Continuous keeping abreast with latest ISO, Cybersecurity Technologies and other industry trends.

• Strong adaptability with changes and willing to learn new domain areas of IT and Product Cybersecurity.

• Must Have: CISSP, CISM, CCSP, CISA or other relevant industry professional cybersecurity certifications

• Project or Program Management Certification (PMP or PRINCE2)

• Formal training in ISO 27001:2022 and ISO 81001 (or equivalent professional track records)

Interested candidates who wish to apply for the advertised position, please click on “Apply”. We regret that only shortlisted candidates will be notified.

EA License No.: 01C4394 (PERSOLKELLY Singapore PTE LTD)

By sending us your personal data and curriculum vitae (CV), you are deemed to consent to PERSOLKELLY Singapore Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at https://www.persolkelly.com.sg/policies. You acknowledge that you have read, understood, and agree with the Privacy Policy.