Manager - Cybersecurity Risk Governance (Cluster CISO Office)

Apply now »

Date: 17 Dec 2024

Location: SG

Company: Synapxe

Position Overview

Group Information Security Office (GISO) provides cybersecurity risk governance and oversight for the National Healthcare Group (NHG). The objective of GISO is to provide assurance on the effectiveness of the cybersecurity strategy and implementation for NHG. The role is to drive the information security and cybersecurity programme in NHG Group-wide and within NHG institutions.

Role & Responsibilities

  • Drive information security and cybersecurity assurance program
  • Review information systems security controls against possible cyber threats and work with stakeholders on remediation. 
  • Conduct verification and validation to ensure risks are mitigated.
  • Provide cybersecurity risk advisory to projects, including providing recommendation of risk mitigation options
  • Review cybersecurity measures against possible threats learnt from external incidents and intelligence sources and work with stakeholders on addressing potential gaps.
  • Perform regular monitoring and reporting of cybersecurity risk landscape
  • Provide regular dissemination of cybersecurity risk advisories for staff
  • Drive regular cybersecurity risk metrics reporting and monitor key risk indicators.
  • Manage cybersecurity incidents. Ensure timely management reporting and provide regular updates to senior management and relevant stakeholders.
  • Conduct cybersecurity tabletop exercises improving organisational cyber resilience. 
  • Provide cybersecurity awareness training ensuring employees understand cyber risks, recognise threats and able to protect organisational assets.
  • Plan and execute simulated phishing exercises to assess employee awareness.
     

Requirements

  • More than 10 years of hands-on experience in information security and cybersecurity roles.
  • Good knowledge and experience in computer security, network security and application security.
  • Familiarity in medical device security advantageous.
  • Familiar with vulnerability assessment and pentesting methodology
  • Experience in leading cybersecurity risk identification and analysis and recommending risk reduction measures using NIST CSF and MITRE ATT&CK.
  • Good knowledge and experience with regulatory requirements pertaining to cybersecurity.
  • Strong analytical skills for threat modelling and risk assessment.
  • Proactive and consistently show initiative, solution-oriented. 
  • Good influencing skills with stakeholders, within department and across departments
  • Ability to contribute through others, collaborate well across seniority, cultures and locations
  • Good written and communication skills with ability to interact and engage with stakeholders and all levels of management.
     

Apply Now

It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!!

#LI-SYNX13

#1898