Job Description

About the Team The Security & IT Operations team plays a key role in ensuring that our products and services are developed and operated by fulfilling the highest security standards. Furthermore, the team is in charge of operating security tools that protect our internal and customer facing assets, managing incidents through to resolution, and maintaining the security posture of DA across regions where we operate.
About the role

• Lead the Cyber Governance team within the Security team in DA.
• Be responsible for the building and day-to-day running of the Cyber Governance team.
• Ensure organisational compliance with internal IT Security policies, standards and procedures, as well as external regulations (e.g., ISO27001, MAS TRM, OSPAR, PCI-DSS, PDPA, SOC2, etc)
• Lead the development, review and update of IT Security policies, procedures, guidelines and baselines.
• Maintain the approved software list and assess software compliance with security standards
• Drive vendor and partner IT security due diligence reviews.
• Involve in IT Change Management and evaluate the security impact of proposed changes.
• Drive IT Audit readiness review and facilitate timely issue resolution.
• Lead the Security Awareness Training and phishing simulation exercises for the DA group.
• Conduct IT Risk Assessments, IT Security Audits, Maturity Assessments and Compliance Reviews.
• Lead the formulation of IT Disaster Recovery plans, and IT Security aspects of the BCP.
• Assist the DPO in related activities pertaining to data privacy and protection

About you

• Diploma or Degree in Cybersecurity, Computer Science, Engineering, or Information Systems
  
• 7+ years of experience in Cyber Security Governance, with experience managing a team.
• IT or security related certification is an advantage, but not a must.
• Knowledge of the following is a plus:
  • Healthtech operations;
  • Multi-Cloud platform security
  • IT Security Consulting/Audit and Third Party Due Diligence,
  • IT DRP and BCP
  • Compliance type work against Industry Standards such as ISO 27001, PDPA, NIST, PCI-DSS, TRM and SOC2.
• Strong interpersonal skills with good command of English, both written and spoken.
• Good problem skills and ability to work in a fast-paced environment.
• A start-up attitude \xe2\x80\x93 highly collaborative with an entrepreneurial, roll-up-your sleeves attitude, pragmatic and able to work independently when required.
• Genuine curiosity and strong desire to continuously learn and grow
• Comfortable with ambiguity \xe2\x80\x93 we\xe2\x80\x99re a fast-growing business, and there\xe2\x80\x99s always unchartered territories, which is part of the fun. You should be comfortable with it and understand that not everything is 100% defined all the time.

About Doctor Anywhere Doctor Anywhere (DA) is on a mission to be the largest tech-enabled, omnichannel healthcare provider in Southeast Asia. First launched in Singapore in 2017, DA aims to bridge gaps in the healthcare ecosystem through developing innovative solutions and technologies. In 2021, DA raised SGD$88 million in Series C fundraising (August 2021) and acquired Doctor Raksa, the biggest telemedicine platform in Thailand which further strengthened our foundation for telehealth and healthcare offerings. Today, DA is present in Malaysia, Thailand, Philippines, Vietnam, Indonesia and India, serving more than 2.5 million (and growing) users across the region.At DA, we believe in the value of innovation and collaboration. Grounded in our motto of \xe2\x80\x9cKeep Going, Keep Growing\xe2\x80\x9d, our team strives towards excellence every day, and values diversity in perspectives brought by every member. Together, we bring quality healthcare to your doorstep!