Senior / Manager, Cybersecurity & Infrastructure

The Cybersecurity Manager in NTUC Health is responsible for designing, implementing, and maintaining robust cybersecurity solutions architecture to protect the organization's digital assets. This role involves strategic planning, technical expertise, and collaboration with various stakeholders to ensure the security and integrity of the IT environment. You will work closely with other members of the IT team, Nexus CoE and senior management to ensure that the organization's cybersecurity posture remains robust and effective in the face of evolving threats and challenges.

Key Responsibilities:

Develop and maintain a comprehensive cybersecurity architecture framework aligned with healthcare best practices and regulatory requirements.

Design and implement security controls, protocols, and processes to safeguard networks, systems, and data from cyber threats.

Conduct risk assessments and security audits to identify vulnerabilities and recommend remediation measures.

Integrate security measures into the infrastructure design and configuration to support cybersecurity objectives.

Implement automation and orchestration solutions to enhance cybersecurity agility and resilience.

Develop and enforce cybersecurity policies, standards, and procedures to ensure compliance with healthcare regulations and internal requirements.

Conduct and/or support internal and external audits and assessments.

Point of contact and first responder for organization CyberSecurity matters.

Liaison with regulatory agencies to fulfill statutory requirements.

Provide guidance and support to teams to address compliance gaps and improve security posture.

Lead a small team and manage vendor to deliver the organization cybersecurity

Implement advanced threat detection and monitoring tools to detect and respond to security incidents in real-time.

Develop incident response plans and procedures to mitigate the impact of security breaches and minimize downtime.

Coordinate with internal teams and external partners to investigate security incidents and implement remediation measures.

Provide guidance and support to the organization on security-related issues, including phishing awareness and data protection.

Evaluate cybersecurity products, technologies, and solutions to determine their suitability for the organization security requirements.

Conduct vendor assessments and due diligence to ensure the security and reliability of third-party solutions.

Collaborate with procurement teams to negotiate contracts and agreements with security vendors.

Manage and operate enterprise security solutions that are deployed within the organization with the support of the Cybersecurity-CoE.

Coordinate cybersecurity tabletop exercise and awareness activities.

Work closely with Cybersecurity-CoE in rolling out enterprise security solutions on-time.

Engage and build strong relationships with leaders inside and outside their core product team in order to collaborate effectively for a designed experience.

Requirements:

Bachelor's Degree in Computer Science, Information Technology, Cybersecurity or related field; Master's degree preferred.

Proven experience in cybersecurity architecture, infrastructure design, and implementation.

Strong knowledge of cybersecurity principles, standards, and best practices.

Experience with security technologies such as firewalls, intrusion detection/prevention systems, SIEM, endpoint protection, and encryption.

Certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.

Proficiency in network and system administration, including experience with cloud platforms (e.g., GCP, AWS, Azure).

Familiarity with DevSecOps principles and practices.

Excellent analytical and problem-solving skills.

Strong communication and interpersonal abilities.

Highly driven and keen learner.

Other Information:

This is in partnership with the Employment and Employability Institute Pte Ltd (e2i). e2i is the empowering network for workers and employers seeking employment and employability solutions. e2i serves as a bridge between workers and employers, connecting with workers to offer job security through job-matching, career guidance and skills upgrading services, and partnering employers to address their manpower needs through recruitment, training, and job redesign solutions. e2i is a tripartite initiative of the National Trades Union Congress set up to support nation-wide manpower and skills upgrading initiatives.

By applying for this role, you consent to NTUC Health's PDPA and e2i's PDPA.