Responsibilities

  • Establish and implement cybersecurity policies, standards and procedures on project networks to ensure compliance
  • Ensure timely conduct of audit framework, monitoring and examining audit findings to propose action plans to address those non-compliances holistically
  • Provide leadership and guidance to Cyber Leads in business units in ensuring compliance in project networks
  • Inculcate a positive cybersecurity culture where cybersecurity becomes the second nature for all employees
  • Work closely with Group GISO and Group IT to ensure oversight and security compliance on secured networks
  • Partner with Group GISO to keep track and update management on vulnerabilities and threats
  •  Promote cybersecurity education & training, and enhance awareness and adoption of essential cybersecurity practices
  • Implement and govern Cybersecurity Incident Management framework

Requirements

  • A tertiary degree in Computer Science, Information Systems, Engineering or related IT discipline.
  • Preferred professional certifications in tailored and practical certifications including CISSP (Certified Information Security Systems Professional) and CISM (Certified Information Security Manager)
  • A minimum of seven years' experience in risk management in information security
  • Knowledge of information security management frameworks, such as ISO/IEC 27001 and NIST.
  • In-depth knowledge of IT systems and architecture and also in data administration
  • Good knowledge of cyber-security and ongoing threats
  • Excellent management and leadership skills.