S$8000 - S$10000 per month
about 2 months ago
Cyber Security, Information and Risk Management Specialist - Regional
- Global leading brand, looking to evolve their cybersecurity in the region
- Managing information risk management across networks and systems
- Be part of a global and technically advanced IT landscape
Ensure that cybersecurity risks are identified and managed, as well as ensure compliance with all appropriate regulatory requirements and internal cybersecurity policies and standards
Identify, evaluate, and prioritize risks entailing the management of security controls over information throughout its lifecycle
Also implement and maintain cybersecurity awareness and training programs in the region consistent with global standards.
Essential experience and qualifications sought
* Bachelor's degree and CISSP, CRISC certifications are mandatory. At least one of the following certifications is required or must be obtained within your first 12 months of employment : CISA, CISM, CIPT.
* 5 years of relevant work experience in cybersecurity policy, standards, compliance, legal, or risk management functions.
* 5 years of experience identifying, evaluating, and managing risk in a complex and changing environment.
* 3 years of experience with the definition and identification of high value information assets.
* 2 years of experience with third party management frameworks.
* 2 years of experience discerning an organization's protection needs (i.e., security controls) for information systems and networks.
* 2 years of experience implementing and operating leading-edge governance-enabling technologies.
* Knowledge of computer networking concepts and protocols, and cybersecurity principles.
* An understanding of emerging technology and digital trends and their impacts on cybersecurity.
* Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security tools and procedures.
* 3 years of working experience with Archer and FAIR methodology
* Knowledge of best practice standards (e.g. NIST, ISO 27001/2, COBIT).
* Deep understanding of cybersecurity and the relationship between threat, vulnerability and information value in the context of risk management.
* Solid understanding of risk-based decision-making (i.e. risk analysis, mitigation, resolution, acceptance, etc.).
* Proficiency with common cybersecurity management frameworks, regulatory requirements and industry leading practices.
* Knowledge of third-party management leading practices and the potential cybersecurity risks involved in third-party relationships.
* Knowledge of organizational training and education policies, processes, and procedures.
* Deep understanding of the operational impacts of cybersecurity lapses.
* Experience working on a global team is preferred.
* Strong process execution, time management and organizational skills
Please send your resume in WORD format by clicking the apply button below or contact Anju Lagah on +65 6701 1504 for a confidential discussion. Please note that only short-listed candidates will be contacted.CEI Reg. Number R1219693 (Anju Lagah).