Senior Cybersecurity Governance Specialist

<p><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg" data-ccp-parastyle-defn="{&quot;ObjectId&quot;:&quot;25a54cba-28f7-56f2-8759-46183df8708b|1&quot;,&quot;ClassId&quot;:1073872969,&quot;Properties&quot;:[201342446,&quot;1&quot;,201342447,&quot;5&quot;,201342448,&quot;1&quot;,201342449,&quot;1&quot;,469777841,&quot;Calibri&quot;,469777842,&quot;Calibri&quot;,469777843,&quot;Calibri&quot;,469777844,&quot;Calibri&quot;,201341986,&quot;1&quot;,469769226,&quot;Calibri&quot;,268442635,&quot;22&quot;,469775450,&quot;gmail-wdcg&quot;,201340122,&quot;2&quot;,134233614,&quot;true&quot;,469778129,&quot;gmail-wdcg&quot;,335572020,&quot;99&quot;,134234072,&quot;true&quot;,335559705,&quot;18441&quot;,335559740,&quot;240&quot;,201341983,&quot;0&quot;,134233118,&quot;true&quot;,134233117,&quot;true&quot;,469778324,&quot;Normal&quot;]}">[What the role is]</span></span></strong><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">GovTech is the lead agency driving Singapore’s Smart Nation initiatives and public sector digital transformation. As the Centre of Excellence for&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">Infocomm</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;Technology and Smart Systems (ICT &amp; SS), GovTech develops the Singapore Government’s capabilities in Data Science &amp; Artificial Intelligence, Application Development, Smart City Technology, Digital Infrastructure, and Cybersecurity.&nbsp;</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">At GovTech, we offer you a purposeful career to make lives better where we empower our people to master their craft through robust learning and development opportunities all year round.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Play a part in Singapore’s vision to build a Smart Nation and embark on your meaningful journey to build tech for public good. Join us to advance our mission and shape your future with us today!&nbsp;</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Learn more about GovTech at tech.gov.sg.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">[What you will be working on]</span></span></strong><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">The Cyber Security Group (CSG) is the cybersecurity arm of GovTech. CSG is committed to create a digital government that is safe and secure. CSG delivers technical and operational capabilities to counteract cyber threats, provides thought leadership on transformative cybersecurity governance and policies and to strengthen the cybersecurity posture of government agencies in a manner that is sustainable, pragmatic, and effective.&nbsp;</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">To enhance&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">infocomm</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;security capabilities in GovTech and the Whole-of-Government (WOG), GovTech appoints&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">Chief Information Security Officer (CISO)&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">teams</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;at the various ministries to oversee&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">infocomm</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;security management.&nbsp;</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Reporting to the Ministry CISO (MCISO), you will be the primary architect of the Ministry’s security governance and risk management framework. You will ensure that all agencies within the Ministry Family&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">operate</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;under a unified, effective, and modern security standard.&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">Your mission is to transform GRC from a compliance-heavy exercise into a strategic enabler. You will&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">establish</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;the frameworks that allow the Ministry Family to adopt&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">new technologies</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;with confidence, moving away from a "risk-averse" posture toward a "risk-informed" one</span><span data-ccp-parastyle="gmail-wdcg">. You will&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">ensure that risk management is deeply integrated into the lifecycle of every digital system, from web applications to critical Operational Technology (OT) environments.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg" data-ccp-parastyle-defn="{&quot;ObjectId&quot;:&quot;25a54cba-28f7-56f2-8759-46183df8708b|1&quot;,&quot;ClassId&quot;:1073872969,&quot;Properties&quot;:[201342446,&quot;1&quot;,201342447,&quot;5&quot;,201342448,&quot;1&quot;,201342449,&quot;1&quot;,469777841,&quot;Calibri&quot;,469777842,&quot;Calibri&quot;,469777843,&quot;Calibri&quot;,469777844,&quot;Calibri&quot;,201341986,&quot;1&quot;,469769226,&quot;Calibri&quot;,268442635,&quot;22&quot;,469775450,&quot;gmail-wdcg&quot;,201340122,&quot;2&quot;,134233614,&quot;true&quot;,469778129,&quot;gmail-wdcg&quot;,335572020,&quot;99&quot;,134234072,&quot;true&quot;,335559705,&quot;18441&quot;,335559740,&quot;240&quot;,201341983,&quot;0&quot;,134233118,&quot;true&quot;,134233117,&quot;true&quot;,469778324,&quot;Normal&quot;]}">Key Responsibilities</span></span></strong><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <ol> <li><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Enterprise Risk Governance &amp; Management</span></span></strong></li> </ol> <ul> <li data-leveltext="" data-font="Symbol" data-listid="31" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Dynamic Risk Registers:&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">Establish</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;and oversee the Ministry-wide security risk register. You will ensure that registers are not static documents but "living" tools that accurately reflect the current threat landscape and project status across all agencies.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="31" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Senior Management Facilitation: Lead and&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">facilitate</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;high-level risk conversations with Senior Management and Agency CIOs. You must be able to translate complex technical risks into clear business impacts to drive informed resource allocation and prioritisation.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="31" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="3" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Risk Analysis Framework: Develop a robust framework to guide agencies in performing consistent, high-quality risk analysis. This framework should empower agencies to take calculated risks for innovation rather than defaulting to "no" due to risk aversion.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ol> <li><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Threat Risk Assessment (TRA) &amp; Standards</span></span></strong></li> </ol> <ul> <li data-leveltext="" data-font="Symbol" data-listid="22" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Unified TRA Framework: </span><span data-ccp-parastyle="gmail-wdcg">Establish</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;and maintain Ministry-wide standards for conducting Threat Risk Assessments across diverse domains, including Cloud (GCC), Web Applications, and OT/ICS systems.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="22" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Crown Jewel Identification: Develop SOPs to guide agency project teams in&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">identifying</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;"Crown Jewels" (Critical Information Assets) and mapping comprehensive threat vectors.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="22" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="3" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Standardisation of Controls: Define common security configuration standards and ensure that controls are technically effective in mitigating&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">identified</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;risks, rather than just meeting baseline requirements.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ol> <li><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Zero Trust &amp; Architecture Governance</span></span></strong></li> </ol> <ul> <li data-leveltext="" data-font="Symbol" data-listid="23" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Zero Trust Roadmap: Lead the establishment of a Ministry-wide Zero Trust Framework, setting the standards for identity-based security, micro-segmentation, and "never trust, always verify" architectures.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="23" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Architectural Advisory: Provide expert GRC input during the design phase of high-impact systems to ensure security-by-design and alignment with Ministry standards.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="23" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="3" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Technology Application: Evaluate and recommend security technologies that effectively mitigate specific risks, ensuring that defensive layers&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">remain</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;relevant against modern threats.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ol> <li><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Supply Chain &amp; Ecosystem Risk Management</span></span></strong></li> </ol> <ul> <li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Third-Party Risk Strategy:&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">Establish</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;the framework for managing risks across the software supply chain and IT vendors.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Dependency &amp; Vendor Risk: Develop standards for assessing the cyber-resilience of third-party partners and managing risks associated with software dependencies (e.g.,&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">Open Source</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;libraries).</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ol> <li><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Audit Excellence &amp; Systemic Improvement</span></span></strong></li> </ol> <ul> <li data-leveltext="" data-font="Symbol" data-listid="25" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto">Proactive Readiness: Shift agencies from "reactive" audit preparation to a state of continuous compliance and readiness.</span><span data-ccp-props="{}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="25" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Root Cause Rectification: Oversee the closure of audit findings, ensuring agencies implement substantive, effective technical fixes rather than surface-level measures.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="25" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="3" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Systemic Weakness Identification: Analyse audit trends across the Ministry Family to&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">identify</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;and address systemic weaknesses before they can be exploited.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ol> <li><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Stakeholder Management &amp; Threat Intelligence</span></span></strong></li> </ol> <ul> <li data-leveltext="" data-font="Symbol" data-listid="26" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Education &amp; Advocacy: Partner with Agency CIOs, CISOs, and Project Owners to inculcate a proactive risk management mindset.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="26" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Threat &amp; Tech Foresight: Keep abreast of evolving Actor TTPs (Tactics, Techniques, and Procedures) and technology changes. Periodically review the relevancy of existing Ministry-wide defences against the latest threat</span><span data-ccp-parastyle="gmail-wdcg">s</span><span data-ccp-parastyle="gmail-wdcg">.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <p><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p>&nbsp;</p> <p><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Qualifications &amp; Requirements</span></span></strong><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <p><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Experience</span></span></strong><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <ul> <li data-leveltext="" data-font="Symbol" data-listid="27" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="1" data-aria-level="1"><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Years of Experience:</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg"> </span><span data-ccp-parastyle="gmail-wdcg">10</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;to&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">12</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;years in Cybersecurity GRC, Information Security Risk Management, or Security Architecture.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="27" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="2" data-aria-level="1"><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Domain Breadth:</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg"> Proven experience in managing risks across IT and Cloud environments; exposure to OT (Operational Technology) systems is a significant advantage.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="27" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="3" data-aria-level="1"><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Regulatory Knowledge:</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg"> Deep familiarity with Singapore Government security policies (e.g., Instruction Manual on IT Management) and international standards (e.g., NIST, ISO 27001).</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <p><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Technical Skills</span></span></strong><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <ul> <li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="1" data-aria-level="1"><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Risk Methodologies:</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg"> Mastery of risk assessment methodologies (e.g., TVRA) and the ability to translate technical vulnerabilities into business risk.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="2" data-aria-level="1"><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Security Technologies:</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg"> Strong technical understanding of&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">various&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">Zero Trust Architecture (ZTA) components</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;and&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">cloud security technologies. Such as</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">Firewalls, EDR, IAM, SIEM,&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">CSPM, CWPP, CASB</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;and secrets management</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">etc.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="3" data-aria-level="1"><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Threat Awareness:</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg"> Ability to map technical controls to the MITRE ATT&amp;CK framework to ensure defensive coverage.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="4" data-aria-level="1"><strong><span data-contrast="auto">Offensive Security</span></strong><span data-contrast="auto">:&nbsp;Proficiency&nbsp;in manual and automated testing tools; deep understanding of the MITRE ATT&amp;CK framework and common TTPs.</span><span data-ccp-props="{&quot;335559739&quot;:0}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="5" data-aria-level="1"><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Certifications:</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg"> Professional certifications such as </span></span><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control),&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">CISSP,&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">OSCP</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;or&nbsp;</span><span data-ccp-parastyle="gmail-wdcg">OSWE (Offensive Security Web Expert)</span><span data-ccp-parastyle="gmail-wdcg">&nbsp;</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">are highly preferred.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <p><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Soft Skills</span></span></strong><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></p> <ul> <li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="1" data-aria-level="1"><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Strategic Influence:</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg"> Ability to educate and persuade senior stakeholders (CIOs/Project Owners) on the importance of rigorous risk governance.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="2" data-aria-level="1"><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Critical Thinking:</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg"> Ability to look past surface-level audit compliance to find and fix underlying systemic issues.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="3" data-aria-level="1"><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Lifelong Learner:</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg"> A genuine passion for staying updated on the latest security technologies and evolving cyber threat landscapes.</span></span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}" data-aria-posinset="4" data-aria-level="1"><strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">Risk Articulation:</span></span></strong><span data-contrast="auto"><span data-ccp-parastyle="gmail-wdcg">&nbsp;Exceptional ability to "translate" deep technical issues (e.g., zero-day vulnerabilities, configuration drifts) into business risk for non-technical senior executives.</span></span><span data-ccp-props="{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <p><span data-ccp-props="{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335557856&quot;:16777215,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:420}">&nbsp;</span></p> <p><span data-ccp-props="{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335557856&quot;:16777215,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:420}">&nbsp;</span></p> <p><span data-ccp-props="{}">&nbsp;</span></p>