Cybersecurity Manager (Governance, Risk & Compliance)

[What the role is]

A cybersecurity practitioner coming from an IT Audit/Consultancy background with strong cybersecurity experience and technical knowledge is needed to plan, manage and execute governance and compliance initiatives for the infocomm and media (ICM) sector so as to improve the reliability and confidence of ICM services in Singapore.

[What you will be working on]

• Ensure compliance with relevant government regulations and conduct compliance reviews on submitted audit reports related to cybersecurity.
• Track, validate and follow-up with ICM operators on any gaps identified.
• Work closely with other IMDA divisions to administer the cybersecurity regime to applicable licensees, liaise with auditors to ensure completeness of the reports and to assess on the overall compliance to the required standards.
• Develop reports on cybersecurity metrics and track Governance, Risk and Compliance (GRC)-related KPIs.

[What we are looking for]

• Background in Cybersecurity / Computer Science / Information Technology or a related field.
• 6+ years of experience in cybersecurity, technical audit or GRC roles.
• Good knowledge of cybersecurity risk management frameworks and standards (e.g. National Institute of Standards and Technology (NIST) SP 800-53, International Organization for Standardization (ISO) 27002 etc.), and cybersecurity best practices (e.g., security risk management, vulnerability management, and security incident response etc.) from ITU, GSMA, 3GPP, NIST etc.
• Knowledge of various Cloud environments, security controls and assurance.
• Excellent communication and presentation skills, both written and oral in English.
• Strong stakeholder engagement skills.
• Strong interpersonal skills, able to work in a team, able to work under pressure and flexible in handling tasks assigned.
• Relevant cybersecurity certifications such as CISSP, CISA, CISM, CRISC, CCSP etc. is a plus.
• Proven working experiences with detailed understanding of ICM environment and key risks will have an added advantage.