Senior Specialist, Cybersecurity

About NTUC Health Co-operative Limited

Our purpose is to achieve health for life enabling healthy and fulfilling years by being a trusted partner of seniors and their families in our community.

For more information, please visit ntuchealth.sg or follow us on Facebook, Instagram, and LinkedIn.

Services: Senior Day Care | Home Care | Nursing Home | Active Ageing and Senior Fitness | Rehabilitation and Physiotherapy | Family Medicine

Community Support: CCMS (Community Case Management Services) | CREST (Community Resource, Engagement and Support Team) | Henderson Home

Job Description

Job Role Summary:

The Senior Specialist, Cybersecurity is responsible for protecting the organization's information systems and data from potential threats. This role involves developing, implementing, and managing advanced security protocols and technologies. The specialist will lead security initiatives, conduct in-depth risk assessments, and respond to complex security incidents, ensuring compliance with regulatory requirements. They also serve as a subject matter expert, mentoring junior team members and collaborating with cross-functional teams to integrate security best practices across the enterprise.

You will need to:

• Perform security risk assessments, formulate and advise on a risk treatment plan
• Review security testing reports (e.g. vulnerability assessment, penetration testing and
• secure code review) and work with application teams for remediation
• Coordinate cybersecurity awareness activities (e.g. newsletters, trainings, phishing campaigns)
• Manage vendors to support cybersecurity operations using enterprise security solutions (e.g. onboarding of privileged accounts to PAM, implementing WAF for website protection, and reviewing firewall rules, etc.)
• Work closely with Infrastructure and End User Support teams to identify and address any risks and gaps in the infrastructure, endpoints, and application systems
• Prepare and present the Cybersecurity Subcommittee meetings
• Support vendor due-diligence process and help to guide overall third-party risk management efforts
• Support both internal audit and external audits in the area of cybersecurity

Qualifications

You should:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity or a related field.
• Minimum of 5 years of experience in Cybersecurity
• Experience with security technologies such as firewalls, intrusion detection/prevention systems, and data encryption.
• Strong knowledge in security technologies such as Antivirus/Endpoint Detection and Response (EDR), Privilege Access Management (PAM), Security Access Service Edge (SASE), Web Application Firewall (WAF), SIEM, SOAR, etc
• Good knowledge with AI related security risk assessment and governance
• Strong in vendor and project management
• Strong in governance and compliance
• Strong communication skills and the ability to explain complex technical concepts to non-technical stakeholders.

It would be great if you:

• Relevant professional certifications such as CISSP, CISM, or CISA are preferred.
• Strong analytical and problem-solving skills
• Highly driven and willing to learn
• Critical Thinking and meticulous