Job Description

What the role is:

Cybersecurity is a critical pillar of CAAS\' work. To ensure that the Singapore air hub remains safe and secure for air travel, every mission-critical system that supports air hub operations must be well-protected and resilient against rapidly evolving, and increasingly complex, cybersecurity threats.

We are looking for strong and dynamic candidate with strong leadership to lead the enterprise cybersecurity solutions team, with the newly established Cybersecurity and Data Governance Division. Together, you will be strengthening cybersecurity resilience and incident response of CAAS and the aviation sector, through design, development and implementation of enterprise-wide cybersecurity solutions.

What you will be working on:

Key responsibilities include:

• Manage and lead a team of cybersecurity specialists to

o Conduct independent ICT security assessments and reviews of ICT security reports to assess the adequacy and ICT security maturity of systems, infrastructure, services, and processes.
o Engage CAAS system owners and development teams to address any cybersecurity vulnerabilities and gaps identified in their systems.
o Strengthen cybersecurity readiness/ resilience of CAAS and aviation sector through phishing exercises, red-teaming, bug bounty programmes etc.
o Enhance cyber defence capabilities through designing enterprise cybersecurity solutions and deploy new/ emerging technological solutions to detect cybersecurity breaches and anomalies to enhance overall enterprise cybersecurity posture.
o Continuous monitoring of the cybersecurity resiliency of CAAS network and system.
o Keep abreast of the latest industry ICT security practices and technologies, as well as emerging threats and vulnerabilities, to recommend appropriate controls and new solutions for implementation to enhance the enterprise security posture.

• Ensure that solutions are designed, developed, and implemented with clear operation procedures and onboarding instructions.
• Evangelise and conduct roadshows to promote the adoption of cybersecurity solutions.
• Work closely with IT team to align cybersecurity controls to the ICT Enterprise Architecture
• Identify and prioritize the deployment of cybersecurity solutions according to the risk exposures.
• Operationalize the solution in a systematic manner to ensure continuation of services.

What we are looking for:

Requirements:

• Trained in ICT Security, Information Security, Information Technology, Computer Science, Engineering (Computing/Telecommunication), Cybersecurity or equivalent.
• At least 8 years of direct and relevant ICT cybersecurity work experience (i.e. infrastructure and network security, software development security, enterprise security architecture, security-by-design, cloud security etc.)
• An active professional certification in ICT security or Information Security from ISACA, (ISC)2 or equivalent will be an advantage.
• Strong domain knowledge of

o Access control, telecommunications, and network security
o Information security governance, risk management and compliance.
o Software development security; cryptography.
o Security architecture and design especially on cloud
o Operations security, business continuity and disaster recovery planning and forensic investigations
o Security by design process for ICT systems

• Able to show understanding of the relationship between an information security programme and the broader business goals and objectives.
• Self-motivated and independent, a good team player with well-rounded skillset, and can-do attitude
• Curious and passionate about cybersecurity with a hacker mindset
• Excellent verbal, written communication, and interpersonal skills
• Strong analytical, presentation and negotiation skill

Note: Your appointment designation will commensurate with your relevant work experience. Successful candidates will be offered a 3-year contract in the first instance and may be considered for placement on a permanent tenure or subsequent contract renewal.

About Civil Aviation Authority of Singapore:

The Civil Aviation Authority of Singapore\'s raison d\'etre is to develop the air hub and aviation industry in Singapore, expanding Singapore\'s links to the rest of the world. We enable opportunities through aviation, making connections, opening doors and enabling choices in people\'s lives.

Civil Aviation Authority of Singapore