Share this Job

Director, CyberSecurity Management

Date: 23-Jun-2022

Location: Singapore, Singapore

Company: Singtel Group

At Singtel, we believe in the strength of a vibrant, diverse and inclusive workforce where backgrounds, perspectives and life experiences of our people help us innovate and create strong connections with our customers. We strive to ensure all our people practices are non-discriminatory and provide a fair, performance-based work culture that is diverse, inclusive and collaborative. 

Join us and experience what it’s like to be with an Employer of Choice*. Together, let’s create a brighter digital future for all. *Awarded at the HR Fest Awards 2020.

 

Responsibilities

  • Provide leadership in CON SG and SingCash for security design and review processes, and security consulting expertise. Work closely with SingCash management team to drive an effective security risk management culture and compliance mindset.
  • Develop and maintain CON SG and SingCash cybersecurity policy, standards and frameworks. Led a team of security staff to partner IT teams to deploy and maintain effective security controls to secure SingCash’s payment services.
  • Work closely with CON SG and SingCash stakeholders to ensure compliance to Cyber Security policy and standards, including monitoring of compliance to the MAS Technology Risk Management Guideline (TRMG)
  • Identify cybersecurity risks from internal system and material vendors impacting the confidentiality, integrity and availability of the organisation, perform threat assessments of identified vulnerabilities and define solutions to improve the cybersecurity posture to protect the CON SG and SingCash assets and its ability to perform its mission and objectives.
  • Work closely with CON SG and SingCash stakeholders to align cyber security governance to maintain balance between service capability and management of cyber security related risks.
  • Lead the CON SG Security function, to ensure compliance to local regulatory requirements, engaging internal groups, including but not limited to GIT, Group Network, IAR, Legal and Group Risk.
  • Lead and work with CON SG organisations to align and comply to the Singtel Group policy, standards and frameworks – as set by the Cyber Security Risk Committee. For SingCash, work with stakeholders to ensure compliance to MAS technology risk management requirements.
  • Communicate, oversee, localize and execute technical implementations of security solutions required to meet business local objectives.
  • Deliver expert level security advisory and consulting to CON SG stakeholders to secure CON SG business programs and projects.
  • Utilise and suggest improvements to the business, information and technical improvement to enhance the security posture of CON SG and SingCash
  • Report to the Singtel Group Cyber Resilience team, focusing on leveraging Group knowledge whilst aligning CON SG to the Singtel Group Cyber Resilience team goals, objectives, policies, standards and framework.
  • Provide senior leader level enterprise consulting to business leaders and able to work under extreme pressure and tight deadlines in a calm and collaborative fashion leading from the front.
  • Accountable for ensuring that security infrastructure operations handling the cybersecurity defences remain current and relevant. Coordinate the security standards, strategies and responses across CON SG and SingCash will be crucial.
  • Look across Singtel Group and externally to identify tools, processes, frameworks and standards to improve CON SG and SingCash’s cybersecurity posture.

 

Requirement

  • Bachelor Degree in Computer Science, Computer Engineering, Electrical Engineering or other relevant field of study
  • Professional security management certifications such as a Certified Information Systems Security professional (CISSP), Certified Information Security Manager (CISM) or other similar credentials, is required.
  • Minimum 10 to 15 years of experience as a security architect/network security architect.
  • Minimum 10 to 15 years of practical experience developing information security policy, practices, standards, and guidelines.
  • Experience working as part of an internal Audit, Governance and Compliance team.
  • Advanced understanding in the following areas: Platform Security, Data Security, Network Security, Physical Security, Security Assessment Tools, Security Monitoring Tools.
  • Advanced understanding in the following areas: Security Governance Standards, Business Continuity Planning, Enterprise Risk Management, Computer Security Incident Response, and Security Compliance Audits.
  • Effective stakeholder engagement
  • Good to have
    • Cloud security knowledge
    • Understanding of payments technology and security controls like PCI-DSS
  • Good communicator
  • Familiar with the MAS TRMG, payments requirements and relevant ABS guidelines.