For Employers
Assistant Manager, Regional Cybersecurity
10 hours ago
Posted date
10 hours ago
Mid-levelMinimum level
Mid-level
ITJob category
IT

Job Description :

1) Strategize, Lead, Drive and Manage Cybersecurity ISO accreditation program for Asia Pacific

  • Lead, drive and manage all applicable Cybersecurity ISO implementations and re-certification operations.
  • Develop ISO security design, accreditation framework, and review processes.
  • Perform gap assessment and develop ISO roadmap for accreditation and/or re-certification.
  • Develop policies, standards, procedures, and operational processes to meet the developed ISO roadmap.
  • Effectively manage the security ISO roadmap based on approved Strategic goals, prioritizing across tactical and strategic goals, and align business needs and technical priorities.
  • Collaborate with Company CSIRT, PSIRT and Enterprise Risk Management teams to achieve the requirements of security ISO accreditation.
  • Deliver expert level security ISO advisory to internal stakeholders to secure ISO investments.

2) Establish and operationalize cybersecurity ISO compliance and recertification:

  • Work with global and regional stakeholders to align SOPs and QPs that achieve compliance to Group/Region Cybersecurity ISO program, policies, standards and framework.
  • Collaborate with various internal company teams such as Corporate IT, Business Applications, Product and Services R&D, Marketing and Customer services teams to achieve security ISO re-certifications.
  • Provide timely management reporting to relevant Regional/Group Risk Management Committee.
  • Prepare and present CAPEX and OPEX budget for security ISO accreditation/re-accreditation and operations in the region.

3) Continuous improvements to cybersecurity stance of AP operation:

  • Establish continuous improvements to Company’s security ISO including but not limited to identifying new ISO standards that better support the Company’s business objectives.
  • Establish continuous improvements to Company’s cybersecurity monitoring.
  • Establish continuous improvements to Company’s staff cybersecurity knowledge including but not limited to training and identify potential cybersecurity breaches.
  • Establish process to work with business stakeholders to continuously update SOPs and QPs to response to new risk areas and potential breaches.

4) Support business in response to Sysmex customers’ cybersecurity requirements:

  • Review tender requirements of Sysmex customers’ as provided by sales teams and:
  • Highlight areas of out of Sysmex controls
  • Highlight risk areas for Sysmex to consider countermeasures.
  • Bring highlighted risk areas and their respective countermeasures back into Sysmex cybersecurity stance and operation requirements.

5) Manage cybersecurity incidents response and resolution:

  • Supporting the Regional Information Security Manager, manage cybersecurity incidents response with close collaboration with cybersecurity experts, internal IT and vendors, to achieve on-target, and timely triage and resolution of cybersecurity incidents in the region, in accordance to global/regional policies.

6) Other duties as assigned by the HOD.

 

Job Requirements :

  • Possess a tertiary education in any discipline, preferably in Cybersecurity, Computer Science, Computer Technology, or a medical/healthcare-related field (or equivalent demonstrated knowledge and experience in the cybersecurity domain).
  • With 8 to 15 years of experience in cybersecurity or ISO accreditation within the medical or healthcare industry, ideally with IT and/or product cybersecurity program or project experience in a dynamic, agile MNC environment that includes cybersecurity management responsibilities.
  • Must have a minimum of 2 recent, successful hands-on experiences in ISO 27001:2022 and/or ISO 81001 implementations.
  • At least 1 successful hands-on experience in re-certification of ISO 27001 and/or ISO 81001 programs.
  • Sound experience in working in a regional MNC RHQ shared services environment.
  • Technically competent and have prior project/program implementation experiences in the Cybersecurity domain such as: Expert knowledge in the latest ISO 27001, ISO 81001, NIST Cybersecurity framework, Cybersecurity Strategy and Roadmap formulation, Cybersecurity Framework, Policies, SOP formulation and enforcement, Cybersecurity Program and Project Management, Cyber Risk Assessment and Governance Management, Cyber Incident Response Management, Cyber Awareness and Training, Cyber Vulnerability Assessment and Penetration Testing, Cyber Prevention, Technical Security of Enterprise Systems and Networks Technical Security of Medical Devices, Experience in security domains in Data Centre design, Microsoft Azure, AWS and DevOps.
  • Strong ISO program and stakeholder management is essential for this role.
  • Demonstrate ability to build and maintain relationships with a wide array of people at both junior and senior levels, internal within the organization or externally across industries.
  • Must possess professional cybersecurity certifications such as CISSP, CISM, CCSP, CISA, or equivalent. In addition, a Project or Program Management certification (PMP or PRINCE2) is required, along with formal training or demonstrated expertise in ISO 27001:2022 and ISO 81001 (or equivalent).
  • Excellent written verbal communication, presentation and negotiation skills.
  • Possesses an independent, objective and inquisitive mind.
Related tags
JOB SUMMARY
Assistant Manager, Regional Cybersecurity
Singapore
10 hours ago
Mid-level
Full-time