This role is responsible for establishing the cybersecurity architecture strategy, driving architectural standardisation, ensuring secure by design principles, and enabling strong alignment between cyber requirements, business needs, and technology plans. You will play a key role in strengthening RMG's cybersecurity resilience through architecture oversight, security design governance, solution validation, and forward-looking capability development.
As a Cybersecurity Lead, you will support the Senior Cybersecurity Manager in developing and implementing a robust cybersecurity architecture framework and strengthening organizational resilience. Your responsibilities include:
Key Responsibilities:
Security Architecture
- Evaluate systems from a security architecture perspective and propose practical remediation measures.
- Develop and rollout group-wide cybersecurity standards and guidelines.
- Define security requirements and review solution architectures and proposal content.
- Lead and coordinate the delivery of cybersecurity assessments, implementations and improve projects.
- Lead the design and evaluation of security controls for new systems, platforms, cloud solutions and major transformation programs.
- Provide expert advisory to project teams, solution architects and engineering teams on system hardening, network segmentation, identity security, cloud security and application security.
- Conduct architectural risk assessments and security design reviews, identifying design weaknesses and recommending effective mitigation measures.
- Drive the planning and implementation of strategic cybersecurity architecture initiatives.
- Support technical assurance activities to validate that implemented solutions meet approved security architecture requirements.
- Review system, configurations, deployment architecture and integration designs to ensure adherence to approved security design patterns.
- Track and report on architecture compliance, deviations and remediation plans.
- Partner closely with technology teams, business units and operations to ensure cybersecurity architecture is practical, adoptable and aligned with business needs.
- Work with vendors, contractors and partners to align architecture direction with industry standards and regulatory frameworks.
Threat & Vulnerability Management
- Lead the threat intelligence program by collecting, analysing, and operationalising threat data to inform defensive priorities.
- Oversee the full vulnerability management lifecycle: asset discovery, risk scoring(CVSS), prioritisation, remediation SLA tracking, and executive reporting.
- Facilitate in cyber incident response planning and execution, including coordination across IT, clinical, operations, and communications teams.
- Facilitate tabletop exercises, red team/blue team activities, and post-incident reviews.
- Manage penetration testing programs track, assign, and verify remediation of findings.
- Maintain RMG's threat model, attack surface inventory, and cyber risk register.
- Monitor sector-specific threat developments (e.g. healthcare, OT/IoT, supply chain) and proactively update controls.
Compliance & Risk Management
- Ensure cybersecurity compliance with Singapore regulatory frameworks:
- Personal Data Protection Act (PDPA) and PDPC Advisory Guidelines
- Healthcare Services Act (HCSA) and associated MOH circulars
- MOH Artificial Intelligence in Healthcare Guidelines (where applicable)
- Cyber Security Agency (CSA) Cybersecurity Act and CII obligations
- MAS Technology Risk Management Guidelines (where applicable)
- Coordinate and support internal audits, external assessments, and regulatory inspections prepare evidence packs and manage remediation plans.
- Oversee Business Continuity Planning (BCP) and Disaster Recovery (DR) from a cybersecurity perspective, including cyber crisis response plans.
Qualifications & Experience:
- Bachelor's Degree in Cybersecurity or a related discipline.
- Minimum 6 years of hands-on cybersecurity experience with at least 3 years in cybersecurity architecture or security design for complex IT environments.
- Proven track record in security architecture design, review, and governance in an enterprise or regulated environment.
- Demonstrated expertise in designing and evaluating security controls across cloud and on-premise systems.
- Hands-on experience conducting architectural risk assessments, security design reviews and solution validation.
- Demonstrated experience in threat and vulnerability management.
- In-depth understanding of cybersecurity frameworks such as NIST CSF, ISO27001, CIS Controls. AI frameworks and other sector-specific cyber standards.
- Required (at least one): CISSP, CISM, or CISA or equivalent senior-level cybersecurity certification.
- Experience in the healthcare, government, or Critical Information Infrastructure (CII) sector is an advantage.
Technical Competency Profile
Security Architecture
- Deep expertise in enterprise security architecture frameworks (NIST CSF, ISO/IEC27001).
- Strong knowledge of Zero Trust Architecture, micro-segmentation, and least-privilege access models.
- Proficiency in cloudsecurity architecture across AWS, Azure, or Google Cloud Platform.
- Hands-onexperience with network security controls - firewalls, IDS/IPS, WAF, VPN,SD-WAN.
- Understanding of secure SDLC, API security, and container/Kubernetes security.
Threat Management
- Working knowledge of MITRE ATT & CK framework for threat modelling and detection engineering.
- Experience with threat intelligence platforms (TIPs), IOC management, and dark web monitoring.
- Familiarity with vulnerability scanning tools (Tenable, Qualys, Rapid7) and patch management workflows.
- Competence in digital forensics, log analysis, and malware triage.
Soft Skills
- Ability to communicate security risk clearly to both technical teams and executive leadership.
- Strong stakeholder management - able to influence and negotiate with business, clinical, operations, and vendor counterparts.
- Decisive under pressure exercises sound judgement during high-severity incidents.
- Coaches and develops team members delegates effectively while maintaining quality oversight.
