The Cybersecurity Manager in NTUC Health is responsible for designing, implementing, and maintaining robust cybersecurity solutions architecture to protect the organization's digital assets. This role involves strategic planning, technical expertise, and collaboration with various stakeholders to ensure the security and integrity of the IT environment. You will work closely with other members of the IT team, Nexus CoE and senior management to ensure that the organization's cybersecurity posture remains robust and effective in the face of evolving threats and challenges.
- Develop and maintain a comprehensive cybersecurity architecture framework aligned with healthcare best practices and regulatory requirements.
- Design and implement security controls, protocols, and processes to safeguard networks, systems, and data from cyber threats.
- Conduct risk assessments and security audits to identify vulnerabilities and recommend remediation measures.
- Integrate security measures into the infrastructure design and configuration to support cybersecurity objectives.
- Implement automation and orchestration solutions to enhance cybersecurity agility and resilience.
- Develop and enforce cybersecurity policies, standards, and procedures to ensure compliance with healthcare regulations and internal requirements.
- Conduct and/or support internal and external audits and assessments.
- Point of contact and first responder for organization CyberSecurity matters
- Liaison with regulatory agencies to fulfill statutory requirements * Provide guidance and support to teams to address compliance gaps and improve security posture.
- Lead a small team and manage vendor to deliver the organization cybersecurity
- Implement advanced threat detection and monitoring tools to detect and respond to security incidents in real-time.
- Develop incident response plans and procedures to mitigate the impact of security breaches and minimize downtime.
- Coordinate with internal teams and external partners to investigate security incidents and implement remediation measures.
- Provide guidance and support to the organization on security-related issues, including phishing awareness and data protection.
- Evaluate cybersecurity products, technologies, and solutions to determine their suitability for the organization's security requirements.
- Conduct vendor assessments and due diligence to ensure the security and reliability of third-party solutions.
- Collaborate with procurement teams to negotiate contracts and agreements with security vendors.
- Manage and operate enterprise security solutions that are deployed within the organization with the support of the Cybersecurity-CoE
- Coordinate cybersecurity tabletop exercise and awareness activities
- Work closely with Cybersecurity-CoE in rolling out enterprise security solutions on-time
- Engage and build strong relationships with leaders inside and outside their core product team in order to collaborate effectively for a designed experiences
Requirements
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity or related field; Master's degree preferred.
- Proven experience in cybersecurity architecture, infrastructure design, and implementation.
- Strong knowledge of cybersecurity principles, standards, and best practices.
- Experience with security technologies such as firewalls, intrusion detection/prevention systems, SIEM, endpoint protection, and encryption.
- Certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.
- Proficiency in network and system administration, including experience with cloud platforms (e.g., GCP, AWS, Azure). * Familiarity with DevSecOps principles and practices.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal abilities. * Highly driven and keen learner