Job Description
Our Client is an established company in Singapore, who is seeking to recruit a Lead Cybersecurity Specialist (Governance). Lead Cybersecurity Specialist (Governance) You will be the primary architect of the security governance and risk management framework., with the mission to transform GRC from a compliance-heavy exercise into a strategic enabler. You will ensure that risk management is deeply integrated into the lifecycle of every digital system, from web applications to critical Operational Technology (OT) environments. 1. Enterprise Risk Governance & Management · Dynamic Risk Registers: Establish and oversee the security risk register. You will ensure that registers are not static documents but "living" tools that accurately reflect the current threat landscape and project status across all agencies. · Senior Management Facilitation: Lead and facilitate high-level risk conversations with Senior Management. You must be able to translate complex technical risks into clear business impacts to drive informed resource allocation and prioritisation. · Risk Analysis Framework: Develop a robust framework to guide agencies in performing consistent, high-quality risk analysis. This framework should empower agencies to take calculated risks for innovation rather than defaulting to "no" due to risk aversion. 2. Threat Risk Assessment (TRA) & Standards · Unified TRA Framework: Establish and maintain standards for conducting Threat Risk Assessments across diverse domains, including Cloud (GCC), Web Applications, and OT/ICS systems. · Crown Jewel Identification: Develop SOPs to guide project teams in identifying "Crown Jewels" (Critical Information Assets) and mapping comprehensive threat vectors. · Standardisation of Controls: Define common security configuration standards and ensure that controls are technically effective in mitigating identified risks, rather than just meeting baseline requirements. 3. Zero Trust & Architecture Governance · Zero Trust Roadmap: Lead the e
