Assistant Director - Cybersecurity GRC (Policy, Risk & Capability Development)
Date: 17 Dec 2024
Location: SG
Company: Synapxe
Position Overview
Provide leadership to uplift the cybersecurity of medical devices and operational technology (MDOT) throughout their life cycle, from pre-market availability to post-market policy and governance. Leading the risk management workstream, you will need to identify and frame the required initiatives into workplans, promote them to get buy-in, work with or oversee their successful implementation, and report on completion. This will require leadership skills, business acumen and technical knowledge to overcome gaps and challenges. To be successful in this role, you will need to engage multiple stakeholders (e.g. government, manufacturers, technology organizations, academia and healthcare institutions) to drive the required outcome.
Role & Responsibilities
- Lead the risk management capability building of the Medical Device Oversight Committee program. Be the integrator and key point of contact for MDOT cyber security governance, policy, risk and compliance topics.
- Design and build a central repository of risk assessment and policy compliance reports.
- Build a cybersecurity controls library to guide the procurement, compliance adherence and risk assessment of MDOT devices.
- Oversee the development of the required policies, taking into consideration the regulations, industry threats and drivers, installed landscape, timelines and trade-offs.
- Drive development of architectural models for MDOT secure deployment and implementation.
- Provide central oversight on the building of MDOT monitoring and detection capabilities for public healthcare, detailing policy requirements and supporting the design and evaluation of possible solutions.
- Develop cybersecurity campaigns, a policy adherence program and innovation to increase compliance, improve risk posture and instill a culture of cyber risk awareness in decision-making.
- Evaluate the evolving threat landscape and regulatory changes and take a proactive approach to ensure policies, standards and guidelines remain relevant and fit-for-purpose.
- Project manage and coordinate joint agency (across ministries, agencies and private sector entities) initiative(s) to ensure their successful implementation. This includes preparation of project materials, communication, activity & budget tracking, reporting of progress and highlighting potential dependencies and issues which could impact timelines and quality of deliverables.
- Strategise and facilitate engagement and collaboration with various stakeholders in public healthcare, government and industry.
- Engage and drive alignment with stakeholders including but not limited to MOH, Synapxe and MOHH entities’ CIOs, CISOs and other functional leaders.
Requirements
- Bachelor’s degree in computer science or STEM Majors (Science, Technology, Engineering and Math) with over 12 years of experience.
- Recognized industry leading certifications in relevant areas such as CISM, CRISC, CISSP, and GIAC certifications.
- Experience in policy, standard and guideline implementation in the cyber security and technology risk domain.
- Solid technical writing and attention to detail.
- Working knowledge of well-recognized frameworks & standards such as IM8, NIST CSF, COBIT5/2019, and ISO27000 series.
- Good understanding of and experience in cyber security, risk management, and compliance concepts and processes.
- Ability to consult and influence stakeholders on alignment of outcomes and desired technical solutions.
- Ability to analyze, design, and develop a solution roadmap and implementation plan based upon a current versus future state.
- Working knowledge of balancing security and business needs.
- Knowledgeable about the full range of the services catalog within a cybersecurity function and able to discuss the overall solution.
- Experience sustaining operational stability through various life cycle phases.
- Adept at navigating the organizational matrix: understand people's roles, anticipate obstacles, identify workarounds, leverage resources and rally teammates.
- Understand how internal & external business models work and facilitate active customer engagement.
- Able to articulate the value of what is most important to the stakeholders to achieve desired outcomes.
- Able to produce functional area information in sufficient detail for cross-functional teams to utilize, using presentation and storytelling concepts.
- Possess extensive knowledge of the cybersecurity services in the portfolio and proficiency in discussing each area.
- Demonstrate working knowledge of a large organization and cross-functional teams.
- Demonstrated Change Management capabilities.
- Anticipate obstacles, identify workarounds, leverage resources, rally teammates.
- Strong interpersonal skills, including creativity and curiosity with ability to effectively communicate and influence across all organizational levels.
- Proven analytical and problem resolution skills.
- Ability to influence and build consensus with other stakeholders.