LKCMedicine will need to hire an Assistant Director, Cyber Security to support the strategic planning, implementation, and ongoing management of LKCMedicine IT's cybersecurity initiatives. This will include gaining an in-depth understanding of the security requirements, leading, and implementing cybersecurity solutions for LKCMedicine. This position will need to navigate the evolving cybersecurity landscape, integral to the continuity and effectiveness of LKCM operations, research, and learning.

Responsibilities:

Cybersecurity Governance and Compliance

• Formulating and developing cybersecurity goals, policies, standards, and procedures.
• Implement addendum policies pertaining to health care sector to LKCMedicine
• To achieve Cyber Trust Mark, CTM Tier 5 - Advocate level
• Lead the Internal and external auditor to track and remediate Cyber security related audit issues
• Review current applications and enhance cybersecurity controls with system owners and users
• Work with internal teams to ensure effective implementation of Cyber Security policies, standards, and procedures
• Work with the compliance team on Data Privacy Office
• Manage security awareness programme and phishing exercise aligned with NTU wide cyber security awareness programme
• To be the Initiative Manager to submit initiatives to the Cyber Security Risk Committee

Risk Management and Security Assessment

• Conduct risk analysis and maturity assessments for LKCMedicine IT systems, coordinate and execute penetration tests, perform security review for new and existing projects or major enhancements
• To help the end users access the project risks during the inception of a project

Leadership & guidance

• Handle and complete various cybersecurity projects with minimal supervision and able to articulate important cybersecurity concepts to senior management
• Be the cyber consultant for the IT department and guide & train fellow colleagues on cyber security
• Provide regular updates (weekly, bi-weekly, monthly, etc) to the management on cyber related issues
• To plan out cyber security awareness program for the entire year for the management to review.

Incident Response and Management

• Provide timely support of major security incidents or data breaches, plan and participating in cyber security incident tabletop exercises
• Be the incident response manager and produce call tree and processes during crisis issues

Innovation and Technology Enhancement

• Explore innovative technologies to enhance LKCMedicine cybersecurity capabilities and managing the data encryption program
• Able to understand cloud security measures and advice the users the cyber security best practices

Requirements:

• Degree in Computer Science, Computer Engineering, or related discipline
• CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager) or relevant IT security certification is required
• Relevant security assessment certifications such as OSCP (Offensive Security Certified Professional), Crest CRT (CREST Registered Penetration Tester) will be beneficial
• At least 10 years of IT related working experience with at least 8 years in IT Security Domain practices
• Strong stakeholder management and excellent communication skills
• Deep understanding and working experience in Cyber Security management and ability to work with cross-functional teams to enforce security policies and standards
• Experience in implementing security controls, and mitigating measures on enterprise security solutions

This is a 3 years contract appointment.

Hiring Institution: LKC