- Leading company's efforts in driving cyber security, you will play a crucial role in implementing cyber security initiatives and planning operational responses to cyber attacks.
- Formulate policies pertaining to the protection of the Critical Information Infrastructure (CII).
- Developing and enforcing CII protection policies, standards and guidelines.
- Required to keep abreast of the latest industry ICT security practices and technologies as well as emerging threats and vulnerabilities.
- Periodic compliance audits are required to be carried out in accordance to company and government policies.
- Develop and maintain Operational Technology Systems standards.
- Enhancing early detection capability, establish the Information Exchange Framework and improvise the Cyber Security Network (CSN) Portal to ensure effective and safe communication, as well as information sharing among the stakeholders. A Cyber Security Centre will also be set up to provide early warning of impending cyber-threats.
- Establish the cyber incident response framework to ensure readiness to respond to cyber-security incidents.
- Manage and conduct investigations to ensure appropriate follow up actions are taken to address any security gaps.
- Plan, conduct and participate in exercises to ensure preparedness at all levels to deal with any cyber security incidents.
- Possess relevant accreditations such as Certified Information Security Manager, Certified Information Systems Security Professional, Certified in the Governance of Enterprise IT and Certified Information Systems Auditor
- At least 5 years of experience in ICT /Operational Technology (OT) related role in the areas of cyber security governance, risk management, cyber security defence, cyber incident management and investigation in a complex IT/OT environment.
- Possess good verbal and written communication skills with stakeholders at all levels
- Competent in large scale project and vendor risk management, business continuity planning, incident response and crisis management.
- Strong understanding of international security standards such as ISO27001/27002, NIST Cybersecurity Framework, OWASP will have an advantage.
Octavius, Whei Jie Yong EA License No.: 02C3423 Personnel Registration No.: R1110096