Assistant Manager - Cybersecurity Risk & Compliance (Cluster CISO Office)

Apply now »

Date: 27 Apr 2026

Location: SG

Company: Synapxe

Position Overview

The Cybersecurity Risk & Compliance Senior Analyst acts as the bridge between technical security teams and corporate leadership. The role is to identify and manage cyber risk and ensure the organisation meets regulatory and legal standards. This role also manages, tracks and reports cybersecurity KRIs in relevant committees, support audit through thematic reviews and maintains the cybersecurity risk register.

Role & Responsibilities

Risk and Compliance

  • As the 2LOD function, support risk assessments through gap analysis and review to ensure that adequate controls are in place and risks are well managed.
  • Ensure that the company complies to all policies, frameworks and regulations.
  • Keep process documentation updated with current internal processes.
  • Collaborate with Synapxe central teams, CIO Office, Medical Institutions, Corporate Communications/PR, and crisis management stakeholders to ensure risks are well managed and documented.

Thematic Reviews

  • Work with the internal audit team, project teams and relevant stakeholders to conduct thematic reviews to assess compliance state and identify gaps or potential areas of improvement.
  • Prepare summary reports and conduct sessions to brief and update relevant stakeholders.
  • Track and follow up on the implementation of required mitigation measures and ensure closure of identified gaps.

Tracking and Reporting of Cyber Risk Register

  • Track and maintain the Cyber Risk Register to ensure that all risks and deviations are addressed within their committed resolution date.
  • Evaluate and analyse risk trends across the risk register as part of cluster managed risks.
  • Prepare KRI dashboard and executive summary report for reporting to senior management.
  • Drive continuous improvements to the management of the Cyber Risk Register.

Tracking and Reporting of vulnerabilities & patching

  • Work with Synapxe central team and GITO team to reconcile, track and evaluate discovered vulnerabilities and their resolution.
  • Analyse vulnerability trends and datasets to evaluate overall risk posture.
  • Prepare vulnerability reporting metrics and trends for reporting to senior management.
  • Drive continuous improvements in the tracking and reporting of vulnerabilities.

Support Cybersecurity Management Committee (CMC) through secretariat duties

  • Manage the agenda for the CMC including the quorum, meeting invites, and submission of materials.
  • Prepare/review relevant decks for presentation in CMC.
  • Evaluate materials for presentation such as deviation approvals, risk acceptance and other related cybersecurity topics.
  • Support the CMC meeting through presentation of related KRIs, capturing of meeting minutes and any other related secretariat related duties.

Requirements

  • Experience: Minimum 5 years of hands‑on experience in cybersecurity risk and compliance.
  • Technical Skills: Solid understanding of risk frameworks, NIST CSF & 800-53, ISO/IEC 27001. Some experience in AI and Medical Device & operating technology is advantageous.
  • Communication: Strong written and verbal communication skills; able to brief senior management and articulate technical requirements into business terms and coordinate across diverse teams.
  • Certifications (preferred): CISM, CRISC, CISA, CISSP, or equivalent cybersecurity certifications.
  • Advantageous: Experience in healthcare cybersecurity or exposure to national-level cybersecurity frameworks and guidelines. Be able to work and contribute as a team.

Apply Now

NOTE: It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!!