Assistant Manager, Regional CyberSecurity (Healthcare/East/up to S$9k)
4 weeks ago
Our client, a well-known MNC company is looking for candidates for the Assistant Manager, Regional CyberSecurity position.
Responsibilities: -
S..
Our client, a well-known MNC company is looking for candidates for the Assistant Manager, Regional CyberSecurity position.
Responsibilities: -
- Strategise, Lead, Drive and Manage Cybersecurity ISO accreditation program for Asia Pacific
- Lead, drive and manage all applicable Cybersecurity ISO implementations and re-certification operations.
- Develop ISO security design, accreditation framework, and review processes.
- Perform gap assessment and develop ISO roadmap for accreditation and/or re-certification.
- Develop policies, standards, procedures, and operational processes to meet the developed ISO roadmap.
- Effectively manage the security ISO roadmap based on approved Strategic goals, prioritising across tactical and strategic goals, and align business needs and technical priorities.
- Collaborate with Company CSIRT, PSIRT and Enterprise Risk Management teams to achieve the requirements of security ISO accreditation.
- Deliver expert level security ISO advisory to internal stakeholders to secure ISO investments.
- Establish and operationalise cybersecurity ISO compliance and recertification:
- Work with global and regional stakeholders to align SOPs and QPs that achieve compliance to Group/Region Cybersecurity ISO program, policies, standards and framework.
- Collaborate with various internal company teams such as Corporate IT, Business Applications, Product and Services R&D, Marketing and Customer services teams to achieve security ISO re-certifications.
- Provide timely management reporting to relevant Regional/Group Risk Management Committee.
- Prepare and present CAPEX and OPEX budget for security ISO accreditation/re-accreditation and operations in the region.
- Continuous improvements to cybersecurity stance of AP operation:
- Establish continous improvements to Company’s security ISO including but not limited to identifying new ISO standards that better support the Company’s business objectives.
- Establish continuous improvements to Company’s cybersecurity monitoring.
- Establish continuous improvements to Company’s staff cybersecurity knowledge including but not limited to training and identify potential cybersecurity breaches.
- Establish process to work with business stakeholders to continuously update SOPs and QPs to response to new risk areas and potential breaches.
- Support business in response to customers’ cybersecurity requirements:
- Review tender requirements of customers’ as provided by sales teams and:
- Highlight areas of out of company’s controls
- Highlight risk areas for company to consider countermeasures.
- Bring highlighted risk areas and their respective countermeasures back into cybersecurity stance and operation requirements.
- Manage cybersecurity incidents response and resolution:
- Supporting the Regional Information Security Manager, manage cybersecurity incidents response with close collaboration with cybersecurity experts, internal IT and vendors, to achieve on-target, and timely triage and resolution of cybersecurity incidents in the region, in accordance to global/regional policies.
Requirements:
- Tertiary Education in any discipline, preferably in Cybersecurity, Computer Science, Computer Technology, medical or healthcare-related degree (or equivalent proven knowledge with work experience in cybersecurity domain)
- Recent 8-15 years of working experience in Cybersecurity or ISO accreditation in medical or healthcare-related industry, with IT and/or Product Cybersecurity program
- At least 2 recent successful hands-on experience in ISO 27001:2022, and/or ISO 81001 implementations; and at least 1 successful hands-on experience in re-certification experience in ISO 27001 and/or ISO 81001 programs.
- Technically competent and have prior project/program implementation experiences in the Cybersecurity domain such as:
- Expert knowledge in the latest ISO 27001, ISO 81001, and NIST Cybersecurity framework
- Cybersecurity Strategy and Roadmap formulation
- Cybersecurity Framework, Policies, SOP formulation and enforcement
- Cybersecurity Program and Project Management
- Cyber Risk Assessment and Governance Management
- Cyber Incident Response Management
- Cyber Awareness and Training
- Cyber Vulnerability Assessment and Penetration Testing
- Cyber Prevention
- Technical Security of Enterprise Systems and Networks
- Technical Security of Medical Devices
- Experience in security domains in Data Centre design, Microsoft Azure, AWS and DevOps
- Demonstrate ability to build and maintain relationships with a wide array of people at both junior and senior levels, internal within the organisation or externally across industries.
- Excellent written verbal communication, presentation and negotiation skills.
- Possesses high standards of professionalism, personal discipline and integrity.
- Able to work independently and as a good team player with analytical, management and planning skills.
- Proactive, dynamic and with good conceptual thinking and problem solving skills.
- Continuous keeping abreast with latest ISO, Cybersecurity Technologies and other industry trends.
- Strong adaptability with changes and willing to learn new domain areas of IT and Product Cybersecurity.
- Must Have: CISSP, CISM, CCSP, CISA or other relevant industry professional cybersecurity certifications
- Project or Program Management Certification (PMP or PRINCE2)
- Formal training in ISO 27001:2022 and ISO 81001 (or equivalent professional track records)
PERSOLKELLY Singapore Pte Ltd | EA License No.: 01C4394 | UEN No. 200007268E
Registration No.: R23112488 (Julian Nerchan)
By sending us your personal data and curriculum vitae (CV), you are deemed to consent to PERSOLKELLY Singapore Pte Ltd and its affiliates collecting, using, and disclosing my personal data for the purposes set out in the Privacy Policy which is available at www.persolkelly.com.sg I also acknowledge that I have read, understood, and agree to the said Privacy Policy.
Official account of Jobstore.