Summary
The Government Technology Agency (GovTech) aims to transform the delivery of Government digital services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do. We also develop the Smart Nation infrastructure and applications, and facilitate collaboration with citizens and businesses to co-develop technologies.

Join us as we support Singapore\xe2\x80\x99s vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering.

The Cyber Security Group (CSG) is the cybersecurity arm of GovTech that is committed to creating a safe and secure digital government. You will be part of the Policy Development team to write policy standards and guidelines. What you will be working on:

• Lead or Support the formulation of progressive ICT Security policies to ensure continuous and relevant protection of Government ICT assets
• Develop, assess and review existing and proposed policies in collaboration with stakeholders to govern cyber activities
• Promote awareness of security issues and communicate security principles among management and stakeholders
• Address policy queries, and assess exemption requests to ascertain relevance of preventive and detective controls to reduce risk of exposure
• Work with the operational and implementation teams to identify, qualify, quantify and agree proposed mitigation plans against any identified risks and that those risks have been captured with mitigation plans.
• Conduct the measurement of security health posture of Agencies and provide analytical studies and trending of key risk indicators
• Support limited scale security projects, system vulnerability assessments or audits of cyber programs if required
• Find creative ways to take on and address complex information security challenges across a variety of existing and emerging technologies and digital environments

How to succeed:

• Degree in Infocomm Security, Computer Science, Computer/Electronics Engineering or Information Technology
• Possess CISSP and/or CISA certifications would be an advantage
• At least 3 years\xe2\x80\x99 of relevant IT or inforcomm security consulting, project management, and/or IT audit and governance
• Knowledge of IT security management principles and practices
• Experience in one or more of the following areas will be an advantage; policy compliance and governance, risk assessment, solutioning, network design, application development, Internet of Things, cryptography, hardware design protection, mobile application/device management, cloud hosting design and implementation in AWS/Azure/Google, DevSecOps consulting, design and implementation of CI/CD pipelines, etc.
• Knowledge and experience of IM8/NIST/IS0 27001/2 policies /standards
• Singapore Citizen only

We are an equal opportunity employer and value diversity at our company as we believe that diversity is meaningful to innovation. Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks. This includes generous leave benefits to meet your work-life needs. We trust that you will get the job done wherever you are, and whatever works best for you \xe2\x80\x93 so work from home or take a break to exercise if you need to*. We also believe it\xe2\x80\x99s important for you to keep honing your craft in the constantly-evolving tech landscape, so we provide and support a plethora of in-house and external learning and development opportunities all year round.

• Subject to the nature of your job role that might require you to be onsite during fixed hours