Senior Manager (Cybersecurity Governance)

About our client

Our client is a leading port group and trusted partner to cargo stakeholders. Their global network encompasses 160 locations in 42 countries around the world. The Group’s portfolio comprises over 60 deep-sea, rail and inland terminals, as well as affiliated businesses in supply chain management, logistics, marine and digital services.

Senior Manager (Cybersecurity Governance)

Job Overview:

• You will gain a wealth of experience and exposure as well as possible stints with overseas offices in Europe and Asia.
• You will gain exposure and experience supporting cyber ecosystem risk assessments and security improvements to enable both future port development and cargo solutions orchestration.
• This position reports to the Group CISO.

Job Responsibilities:

You will:

• Be responsible, along with other team members, for cybersecurity governance and Operations at Corporate Centre as part of cybersecurity responsibilities at Singapore.
• Be responsible for cybersecurity policy, standards, procedures and roll-out.
• Support and feedback to the development, review and documentation of the company’s IT security policy, procedure, standard and framework.
• Conduct regular security assessments to identify vulnerabilities in the organization’s security system.
• Conduct User Engagement during the roll-out of new IT Security standard framework and process.
• Provide support for IT Security Committee activities.
• Be responsible for cybersecurity operations.
• Collect, analyse, and report on IT Security metrics to ensure comprehensive monitoring and assessment.
• Enhance and maintain endpoint security measures, ensuring robust control and protection.
• Oversee the management of security vulnerabilities, events and requests, ensuring timely resolution and mitigation.
• Supervise user account operations, conduct regular reviews, and enforce access controls to maintain security integrity.
• Lead the Cyber Incident Response Team (CIRT) during incident response processes, ensuring effective and coordinated actions and provide Level 2 or 3 incident response on a 24x7 on-call basis.
• Develop and improve cybersecurity incident response plans, coordinate, conduct or participate in related table-top exercises, cybersecurity incident drills, and red/purple teaming exercises.
• Support the investigation and remediation of IT security incidents or policy violations, ensuring compliance and security standards are upheld.
• Manager user awareness training and education.
• Promote cybersecurity awareness through training, sharing programs, and engagement events for employees, contractors, and other relevant parties.
• Plan, design and execute regular Phishing Exercises to identify high risk targets for further awareness training.
• Review group advisories and contextualise them for BU cascade.
• IT Security Solution, Assessment and Project Support.
• Lead and manage projects relating to cybersecurity to elevate the cybersecurity posture across group of business units.
• Provide IT Security solutioning risk assessment and guidance for IT systems and project implementation (on premise and cloud based).
• Evaluate, test and support implementation of new security systems, tools, and services.
• Perform cybersecurity risk assessments on various architectures, system and network designs and their components.
• Design or display technological solutions, architecture and establish demand aggregation and consumption across business classes and units.

Job Requirements:

• Good experience in cybersecurity governance.
• Have experience in developing cybersecurity standards.
• Good experience and knowledge performing cybersecurity risk assessments.
• Conducted cybersecurity vulnerability analysis and determined mitigating controls.
• Good project management skills, experience in project planning, management and implementation of cybersecurity frameworks (NIST, ISO).
• Prior maritime, logistics or transportation knowledge with international experience would be advantageous.
• Experience working with cyber security and in a regulated environment will be an added advantage.

Skills:

• At least a Degree in Computer Science or related discipline (Essential).
• At least 10 years of cybersecurity experience (Essential).
• At least 5 years of cybersecurity governance or assurance experience.
• Practical knowledge of security standards e.g., ISO 27001/2, NIST, CSA-CCM, etc.
• Good understanding of cybersecurity maturity models e.g., C2M2, CMMC or CMMI.
• Good understanding of threat modelling e.g., MITRE ATT & CK framework.
• Good understanding of risk governance e.g., COBIT.

Personalities:

• Strong communication, interpersonal, analytical and problem-solving skills.
• Able to work as a team as well as independently.
• Willingness to get hands dirty and adopt a growth mindset.
• Willingness to accept workload peaks and troughs.
• Willingness to travel at short notice.
• Good project management skills.

Certifications:

• CISSP, CISM or equivalent (Essential).
• CRISC, or equivalent.
• ISO027001 Lead Auditor, or equivalent.

These Job Descriptions are for reference only, and whilst these are intended to be an accurate reflection of the current job, it is not necessarily an exhaustive list of all responsibilities, duties, skills, efforts, requirements or working conditions associated with the job. Our client reserves the right to revise the job and may at their discretion, assign or reassign duties and responsibilities to this job at any time according to organizational needs.

Are you ready for a challenging and exciting endeavour that will require the investment of a lot of hard work, dedication and all your experience? Are you ready to bring your skills and competencies to support the establishment and enhancement of our client’s business? If yes, you might be exactly the new team member they are looking for!

Please submit your updated and comprehensive CV in MS WORD FORMAT ONLY (NOT PDF) with full career details, stating current or last drawn salary with full breakdown such as base, incentives, AWS, etc. and expected salary, contact details, educational qualifications, working experiences, reasons for leaving each past employment(s) and availability date to:

[email protected]

What our client offers

Develop Your Potential:

They emphasise and offer exciting rotations, learning and development opportunities, which will fuel your career aspirations and complement your business exposure across their global network.

Diverse, Equal Opportunity:

They build a sustainable work culture where their people feel welcome, valued, respected and able to express their ideas and beliefs freely. They believe that diversity of thought and approaches in their workplace makes them stronger as a team.

Competitive Compensation and Benefits:

They are committed to recognising and rewarding your contributions to the business. They benefits packages aim to improve your quality of life by providing support for medical, dental, recreation, among others.

Personal Data Protection Statement for Job Applicants

Please be informed that the personal data you provided by way of your job application to Benchmark will be collected, used and disclosed by or on behalf of Benchmark to determine or investigate your suitability, eligibility or qualifications for employment with Benchmark and/or its clients and manage your application for employment with Benchmark and/or its clients including identifying you as potential candidate for future suitable positions and/or notifying you of any such positions, either existing or in the future.

Thank You!

We thank all applicants for their interest in a career with our client. Due to the high volume of incoming applications, we will not be able to respond to all applicants. Therefore, only shortlisted applicants will be notified for interviews. All applications will be treated with the strictest confidence.

THOMAS CHAN | MOM CEI No: R1766693 | Benchmark Staffing Solutions | MOM EA License: 21C06790 | UEN: 53435609E