#SGUnitedJobs Lead Cybersecurity Specialist (CISO Office)
GOVERNMENT TECHNOLOGY AGENCY
Information Technology, Public / Civil Service
To support CISO and the Office in the formulation and implementation of cybersecurity policies, governance and regulatory frameworks as well as capability and resourcing support for MOH Family agencies, public healthcare institutions, and private and community healthcare providers to uplift cybersecurity across the healthcare sector.
What to expect:
- Cybersecurity Strategy
- Provide ICT Security leadership for MOH Family in terms of formulating cybersecurity strategy to support the MOH Family Digital Plans (MFDP) and the Digital Government Blueprint (DGB).
- Establish cybersecurity maturity model and set maturity target.
- Performance measurement, Security Posture & Gap Analysis
- Define the key risk & performance indicators (KRIs, KPIs) to gauge the cybersecurity posture and level of maturity of MOH FamilyMonitor trending across agencies within MOH Family.
- Policy, Standards & Guideline in line with Whole-of-Government (WOG) information security policies and directions
- Maintain MOH Family ICT security policy baseline.
- Facilitate MOH Family in the adoption of ICT security standards and guidance.
- Risk Management
- Establish MOH Family risk appetite statement and risk tolerance levels.
- Oversight of MOH Family risk and control program.
- Compliance oversight across agencies at MOH Family.
- Security Awareness
- Oversight of MOH Family security awareness work plan.
- Threat & Incident Management
- Provide technical leadership to ACISOs under Ministry Family in the ICT security incident management of ICT systems to minimize the business impact and ensure learning points are distilled and shared across agencies to avoid repeated incidents.
- Cybersecurity consultancy
- Provide cybersecurity advice to key public healthcare system on request by PS MOH or senior stakeholders.
How to succeed:
- At least 5 years of experience in public sector, cybersecurity with working knowledge on policies and procedures, design/implementation of application security or network security.
- Prior experience in formulating information security polices, standards and procedures or application security or network security will be an added advantage.
- Prior experience in managing a cybersecurity team will be an added advantage.
Closing on 15 Jun 2021