x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Browse Jobs
Companies
Campus Hiring
News
Download App
Employers
View All Jobs
Jobs in Singapore
Jobs in Singapore   »   Jobs in Singapore   »   Assistant Manager, Regional Cybersecurity
banner picture 1 banner picture 2 banner picture 3

Assistant Manager, Regional Cybersecurity

Sysmex Asia Pacific Pte. Ltd.

Sysmex Asia Pacific Pte. Ltd. company logo
Job Type   /   Job Level
Full-time   /   Manager
Job Location
Singapore, Singapore, Singapore
Salary Offered

Key Job Purpose :


The Assistant Manager, Regional Cybersecurity (AMRC) is the primary in-house expertise in Asia Pacific responsible in the formulation, implementation and on-going maintenance of Information Security Standards accreditation and certification programs in the Asia Pacific region, inclusive of, but not limited to, latest international ISO 27001 and ISO 81001 framework programs, privacy protection laws, and local Medical Device industry cybersecurity law enforcements.

The AMRC is responsible to support the HOD (Regional Information Security Manager) to safeguard patient safety and protect Company interest through the formation, adoption, operationalization and regular review and compliance of Information Security framework, policies, procedures and initiatives relating to the cybersecurity and data governance aspects of the "internet of medical things" or medical devices products and services in the Asia Pacific region.


Job Description :


1) Strategize, Lead, Drive and Manage Cybersecurity ISO accreditation program for Asia Pacific

  • Lead, drive and manage all applicable Cybersecurity ISO implementations and re-certification operations.
  • Develop ISO security design, accreditation framework, and review processes.
  • Perform gap assessment and develop ISO roadmap for accreditation and/or re-certification.
  • Develop policies, standards, procedures, and operational processes to meet the developed ISO roadmap.
  • Effectively manage the security ISO roadmap based on approved Strategic goals, prioritizing across tactical and strategic goals, and align business needs and technical priorities.
  • Collaborate with Company CSIRT, PSIRT and Enterprise Risk Management teams to achieve the requirements of security ISO accreditation.
  • Deliver expert level security ISO advisory to internal stakeholders to secure ISO investments.

2) Establish and operationalize cybersecurity ISO compliance and recertification:

  • Work with global and regional stakeholders to align SOPs and QPs that achieve compliance to Group/Region Cybersecurity ISO program, policies, standards and framework.
  • Collaborate with various internal company teams such as Corporate IT, Business Applications, Product and Services R&D, Marketing and Customer services teams to achieve security ISO re-certifications.
  • Provide timely management reporting to relevant Regional/Group Risk Management Committee.
  • Prepare and present CAPEX and OPEX budget for security ISO accreditation/re-accreditation and operations in the region.

3) Continuous improvements to cybersecurity stance of AP operation:

  • Establish continuous improvements to Company’s security ISO including but not limited to identifying new ISO standards that better support the Company’s business objectives.
  • Establish continuous improvements to Company’s cybersecurity monitoring.
  • Establish continuous improvements to Company’s staff cybersecurity knowledge including but not limited to training and identify potential cybersecurity breaches.
  • Establish process to work with business stakeholders to continuously update SOPs and QPs to response to new risk areas and potential breaches.

4) Support business in response to Sysmex customers’ cybersecurity requirements:

  • Review tender requirements of Sysmex customers’ as provided by sales teams and:
  • Highlight areas of out of Sysmex controls
  • Highlight risk areas for Sysmex to consider countermeasures.
  • Bring highlighted risk areas and their respective countermeasures back into Sysmex cybersecurity stance and operation requirements.

5) Manage cybersecurity incidents response and resolution:

  • Supporting the Regional Information Security Manager, manage cybersecurity incidents response with close collaboration with cybersecurity experts, internal IT and vendors, to achieve on-target, and timely triage and resolution of cybersecurity incidents in the region, in accordance to global/regional policies.

6) Other duties as assigned by the HOD.


Job Requirements :

  • Possess a tertiary education in any discipline, preferably in Cybersecurity, Computer Science, Computer Technology, or a medical/healthcare-related field (or equivalent demonstrated knowledge and experience in the cybersecurity domain).
  • With 8 to 15 years of experience in cybersecurity or ISO accreditation within the medical or healthcare industry, ideally with IT and/or product cybersecurity program or project experience in a dynamic, agile MNC environment that includes cybersecurity management responsibilities.
  • Must have a minimum of 2 recent, successful hands-on experiences in ISO 27001:2022 and/or ISO 81001 implementations.
  • At least 1 successful hands-on experience in re-certification of ISO 27001 and/or ISO 81001 programs.
  • Sound experience in working in a regional MNC RHQ shared services environment.
  • Technically competent and have prior project/program implementation experiences in the Cybersecurity domain such as: Expert knowledge in the latest ISO 27001, ISO 81001, NIST Cybersecurity framework, Cybersecurity Strategy and Roadmap formulation, Cybersecurity Framework, Policies, SOP formulation and enforcement, Cybersecurity Program and Project Management, Cyber Risk Assessment and Governance Management, Cyber Incident Response Management, Cyber Awareness and Training, Cyber Vulnerability Assessment and Penetration Testing, Cyber Prevention, Technical Security of Enterprise Systems and Networks Technical Security of Medical Devices, Experience in security domains in Data Centre design, Microsoft Azure, AWS and DevOps.
  • Strong ISO program and stakeholder management is essential for this role.
  • Demonstrate ability to build and maintain relationships with a wide array of people at both junior and senior levels, internal within the organization or externally across industries.
  • Must possess professional cybersecurity certifications such as CISSP, CISM, CCSP, CISA, or equivalent. In addition, a Project or Program Management certification (PMP or PRINCE2) is required, along with formal training or demonstrated expertise in ISO 27001:2022 and ISO 81001 (or equivalent).
  • Excellent written verbal communication, presentation and negotiation skills.
  • Possesses an independent, objective and inquisitive mind.

Sharing is Caring

Know others who would be interested in this job?
© 2024 Jobstore. All rights reserved.