Job Description

Job Purpose

The Head, Information Technology Security develops and drives the vision for the IT security function, development of enterprise IT security strategy, governing standards and procedures aligned with Group-level Cybersecurity.

He/she will guide the design and continuous improvement of IT security architecture and IT security risk framework that balances IT security with business needs, and advise the Management on IT security matters. He/she will also provide subject matter expertise and guidance to manage IT security risk and IT security risk incident resolution. He/she will drive compliance of governing IT security policies, standards and procedures across Enterprise IT.

The role requires close coordination and collaboration with the company\'s Group Cyber Security Department, Operational Technology Cyber Security Division, Risk Management, Audit, Legal and Business Units, and externally with regulators i.e. Land Transport Authority (LTA) and the national Cyber Security Agency (CSA) through the Group Cybersecurity Department.

Responsibilities

Strategy

• Establish Enterprise IT security vision, strategy and underlying security initiatives and programs.
• Align IT security and risk management strategy with Group cybersecurity and business strategy
• Strategic budget and administrative guidance for implementation of IT security
• Advise Senior Management on IT security matters

Standards & Governance

• Oversee development of IT security policies, standards and guidelines aligned with Group cybersecurity policy
• Evaluate current practices to determine compliance with IT security standards
• Oversee plans and implementation to ensure compliance with relevant laws and regulations
• Drive awareness and training on IT security

Manage IT Security Risks

• Guide the application of IT security risk assessment frameworks
• Advise stakeholders to manage IT security risk exposure and ensure business functionality
• Liaise with external advisory bodies or industry partners through Group Cybersecurity Department

Lead IT Security & Project Teams

• Oversee core IT security unit team members including budgets, forecasting, work allocation and staffing at Enterprise IT
• Develop staff through ongoing coaching, mentoring and career discussions
• Define goals, direction and accountability among staff

IT Security Architecture & Operations

• Direct the design of IT security architecture and hands-on management of expense and capital budgets for security operations and investments
• Establish and meet Key Performance Indicators (KPIs) to assess effectiveness of IT security operations
• Develop and execute reporting framework for IT security operational KPIs to regularly apprise Group Cybersecurity Department
• Regular review IT security architecture to ensure it addresses IT security risks, IT technology shifts and threat landscape
• Establish and run IT security governance and change management framework across Enterprise IT in line with IT security policy and Group-level cybersecurity policy

IT Security Incident Resolution

• Lead IT security investigation from detection to closure
• Drive resolution and recovery from IT security incidents
• Lead the development of plans to address system vulnerabilities and continually improve detection, response and recovery capabilities
• Lead responses to regulatory inquiries, inspections or audits relating IT security incidents, through Group Cybersecurity Department

Qualifications & Work Experience

• At least 10 years of relevant IT security experience
• Relevant postgraduate and tertiary qualifications
• Information security certifications eg. CISSP, CISM, CRISC etc.
• Demonstrated knowledge of IT security frameworks and regulations
• Working experience of driving IT security operations
• Demonstrated ability to engage and communicate with stakeholders.

We regret that only shortlisted candidates will be notified.

About SMRT Corporation

SMRT Corporation Ltd (SMRT) is a public transport services provider. Our primary business is to manage and operate train services on the North-South Line, the East-West Line, the Circle Line, the new Thomson East-Coast Line and the Bukit Panjang Light Rail Transit. This is complemented by our bus, taxi and private hire vehicle services.

An exciting and rewarding career is waiting for you at SMRT. Join us and embark on a journey that matters. You Matter \xe2\x80\x93 we take care of you and your well-being. Your Work Matters \xe2\x80\x93 your ideas and contributions work towards building the future of our transport system and create positive impacts to the community. Your Development Matters \xe2\x80\x93 we offer diverse careers and learning opportunities for our people to grow you to the fullest of your potential.

Come onboard the SMRT journey today.

Vision
Moving People, Enhancing Lives

Core Values
Respect, Integrity, Service & Safety, Excellence

SMRT Corporation