Chief Information Security Officer

Overview We are seeking for a Chief Information Security Officer for Singtel Digital InfraCo. The CISO will be the subject matter expert for security of Singtel's Digital InfraCo offerings that encompass software platforms, AI cloud, data centers, satellites and sub-sea cables. The candidate will liaise with Singtel's global customers to position the strength of the cyber security posture of Singtel's Digital InfraCo products. The candidate will also be the trusted advisor to global customers for security best practises including but not limited to CIS, OWASP, ISO 27001/27002/27017/27018, GDPR, HIPAA, PCI DSS and SOC. Responsibilities Monitor and improve the security posture of Digital InfraCo products architecture and deployment design. As the security subject matter expert, take responsibility in defining the security posture of all global customer deployments. Have a deep understanding of the security posture of typical three tier enterprise application architecture, infrastructure security and network security to advise end to end security solution covering networks, applications and infrastructure security for customer deployments on 5G/4G/SDWAN/MPLS/Public Cloud/MEC. Have a good understanding of public cloud and private cloud security aspects including but not limited to web application firewalls, virtual firewall, anti-DDoS, deep packet inspection etc. Take responsibility on Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the Digital InfraCo products infrastructure, data, systems, and networks. Assist in technical design reviews, integration, testing, and documentation work related to cyber and infrastructure security. Be a part of incident response team to handle cyber incidents and contribute to change management process to address security aspects. Perform cyber threat surveillance, research and analysis to monitor the latest trends and developments in cyber attacks, assess the risks and implications to the customer Enterprise platform deployments, and participate in initiatives to strengthen cyber situational awareness and resilience of the Digital InfraCo products infrastructure. Gather and analyse cyber threat information and intelligence from various sources to derive insights on the latest attack tactics, techniques and procedures (TTPs), attack trends and patterns, as well as threat actors' profiles. Disseminate relevant information to stakeholders to provide early-warning on impending cyber threats and prepare technical reports on the analyses and recommendations, including strategies to address the attendant risks posed by the observed threats. Be the primary security SPOC for all global customers including but not limited to Telcos, Governments, large and small enterprises. Proactively hunt for threats and enable incident management lifecycle while supporting recovery efforts. Provide insightful knowledge and guidance to colleagues engaged in prevention measures. Develop hypotheses, techniques and execute hunts to identify threats across the environment. Maintain collaborations with the security teams and business stakeholders to implement countermeasures and improve defences. Active participation and involvement in group discussions and provide with current updates on emerging threats and cyber related risks. Proactively coordinate with immediate stakeholders - technical and business stakeholders and manage internal and external partnerships during a security incident. What You Need To Have A degree in Computer Science, IT, Systems Engineering, or related qualification. At least 15 years of work experience with incident detection, incident response, and forensics. Strong knowledge of cyber security controls, regulations, processes and standards, such as NIST cybersecurity, IM8 and CIS. Good understanding of security standards including but not limited to CIS, OWASP, ISO 27001/27002/27017/27018, GDPR, HIPAA, PCI DSS and SOC. Knowledge in Firewalls (functionality and maintenance), Virtualization security, System security both Linux, Windows and Endpoint Security, SIEM, WAF, IPS/IDS, Cloud Security, transport layer security, encryption at rest, zero trust architecture and defence in depth principles. Relevant certifications in cyber security, e.g. CISSP, CISM, SANS-SEC511, SANS-FOR578, SANS-FOR610 etc., preferred. Effective communicator who thrives under pressure. Highly analytical and able to work independently. Ability to work under pressure in a fast-paced environment. Strong attention to detail with an analytical mind and outstanding problem-solving skills. Great awareness of cybersecurity trends and hacking techniques. Your Career Growth Starts Here. Apply Now#J-18808-Ljbffr