Cybersecurity Governance & Operations Manager (FSI)

Cyber Governance, Risk & Compliance

• Policy & Standards Development: Assist in creating and improving cybersecurity policies, standards, and procedures.
• Risk & Compliance Assessments: Perform risk and compliance assessments and support the annual Risk & Controls Self-Assessment for the cyber domain.
• Addressing Gaps: Work with IT and other teams to identify and resolve gaps, ensuring the right controls are implemented, including solutions or process improvements.
• IT Resilience Management: Oversee the IT resiliency program, ensuring key systems and infrastructure are reliable and meet business continuity requirements.
• Cybersecurity Awareness Training: Develop and deliver cybersecurity training for different groups, such as management, employees, and contractors.

Cyber Strategy

• Enhance Security Architecture: Support the improvement and maintenance of the cybersecurity architecture, focusing on both infrastructure and application security to address current and future threats.

Data Security

• Data Loss Prevention: Manage and improve the regional data loss prevention program, including endpoint, email, and internet security. Experience with tools like MS Purview for Data Loss Prevention (DLP) is a bonus but not required.

Security Operations

• Incident Management: Lead the cybersecurity incident management process, coordinating with IT teams to investigate and provide updates during confirmed incidents.
• Vulnerability & Penetration Testing: Assist with vulnerability management and penetration testing, analyzing results, and working with IT teams to fix issues.
• Stay Updated on Threats: Keep track of the latest cybersecurity threats and solutions to ensure the organization remains secure.

Other Duties

• AI Security Framework: Contribute to the development of the AI assessment framework, reviewing AI projects from a cybersecurity standpoint.
• Reporting: Provide regular updates on cybersecurity matters to the IT Committee and other relevant management teams.

Requirements

• Experience: At least 7 years of experience in cybersecurity operations, cyber audits, or risk management.
• A bachelor's or higher degree in Computer Science, Information Security, or a related field.
• Professional certifications like CISSP, CISA, CRISC, CCSK/CCSP, CGEIT, or CDPSE are a plus.
• Regulatory Knowledge: Familiarity with cyber and technology risk regulations, such as those from SFC and MAS, is helpful.
• Problem-Solving: Strong judgment in solving complex technical and organizational problems.

If this job isn't quite right for you, but you know someone who would be great at this role, why not take advantage of our referral scheme? We offer SGD1,000 or SGD350 in shopping vouchers for every referred candidate who we place in a role. Terms & Conditions Apply. https://www.ambition.com.sg/refer-a-friend