Job Description

Location: Ubi Road Working Days: 5 days work week Working hours : 8.30am to 5.30pm Salary: Up to $9000 Responsible to lead and drive the Cyber Security Governance, Risk, Compliance and Awareness for Location: Ubi Road Working Days: 5 days work week Working hours : 8.30am to 5.30pm Salary: Up to $9000 Responsible to lead and drive the Cyber Security Governance, Risk, Compliance and Awareness for the company and execute the core mission to build and strengthen the cybersecurity posture and resiliency aligning with the company business strategy on an ongoing basis. Job Responsibilities: Plan and execute the IT Security Roadmap to improve operational readiness and awareness of changing threat scenarios. Initiate, develop and drive ongoing cyber security governance policies and framework to align with industry best practices and regulatory requirements. Support the team in communicating and interpreting the baseline controls to the relevant stakeholders. Develop, implement and monitor reporting mechanisms for governance, security and risk practices to support compliance and highlight areas of risk exposure. Perform continuous review to assess the adequacy and effectiveness of measures in compliance with policies, standards and regulatory requirements and coordinate with the stakeholders to develop and track risk remediation plans for security weaknesses identified. Plan and manage the cyber security education and promote awareness program by conducting effective cyber security awareness campaigns, trainings and APT (Advanced Persistent Threat) drill exercises such as email phishing simulation. Respond timely to IT security incidents and conduct investigation and necessary follow-up actions including containment, recovery and preventive actions. Work with the relevant IT operations team to respond to cyber threat and vulnerability alerts in a timely manner and stay abreast of cyber security related risks. Support and conduct cyber security review for proposed new systems or solutions in the organization. Manage vulnerability assessments and penetration testing with security service providers and work with stakeholders to ensure timely resolution of any control weaknesses. Work closely with the internal and external auditors to facilitate cybersecurity audits, reviews and timely closure of audit outcomes. Other ad-hoc duties as assigned. Job Requirements: Diploma, Advanced/Higher/Graduate Diploma, Bachelor's Degree, Post Graduate Diploma, Professional Degree in Computer Engineering, Computer Science or Information Technology, or equivalent education. Possess at least one of the security related certifications such as CISA, CISM, CRISC or CISSP. CISA certification will be advantageous. Minimum 4 years of related work experience in cybersecurity management, security risk management, security governance framework and compliance (IT Security Audit / log review), technical vulnerability management (vulnerability assessment, penetration testing), application security, security technologies (system hardening, IDS/IPD, firewall), security incident response and security assessment. Strong understanding of ISO27001 and NIST standard. Hands-on experience on IT Security Tools such as Fortigate Next Generation Firewall, Endpoint Security Solutions will be advantageous.