Cyber Security

Our Client is an established Financial Institution in Singapore, who is seeking to recruit a Cyber Security - Red Teaming Lead.

**Cyber Security - Red Teaming Lead**

**Job Function**

The role is responsible for defining and maintaining corporate-wide information security governance and adequate controls to ensure information assets are protected. This role is also responsible for identifying, evaluating and reporting of information security risks in a manner that meets compliance and regulatory requirements. The position oversees the areas of Adversarial Attack (Red Teaming) Simulation Exercises (AASE) and delivery of related IT security programmes to address new regulatory guidelines from the MAS and CSA.

**Key Accountabilities**

Reporting to Head, Information Security for the following responsibilities:

- Ensure effective Information Security controls being implemented across that can meet compliance and regulatory requirements and expectations.- Provide support for the governance and operations of infrastructure security to maintain cyber resiliency against emerging threats including perimeter security, hardening and enlistment, security patching, vulnerability management and cyber threat intelligence monitoring.- Redefine security enablement and maturity capability to support new business strategy, industry-wide initiative and IT innovation.- Provide support for the information security risks and governance including harmonization of IT security policies and standards, data loss prevention, risk assessment and acceptance, security training and awareness, and audit management.- Support the Information Security related reporting and metrics via Technology Governance Committee.**Position Deliverables**
- Lead and manage a team of information security professionals effectively for delivery of effective Adversary Attack (Red Teaming) Simulation Exercises (AASE) and strategic technology governance initiatives.
- Deliver tactical and long term initiatives to support the development and delivery of the corporate Strategic Cyber Security Strategy through process and control enhancements derived from regulatory technology control framework and industry best practices. Provide a forward-looking view by working with industry experts and partners to incorporate suitable techniques and tools to manage emerging threats and risks.
- Work with key stakeholders to ensure information security compliance with CSA Cybersecurity Act and CyberSecurity Code of Practice (CCoP). Manage and support audits effectively to meet timely and quality closure of audit issues.
- Support the delivery of a robust and fit-for-purpose framework on information security governance for that balances enterprise risk appetite with business growth objectives.
- Provide security advisory to senior management and key stakeholders so they are kept abreast with modern techniques and countermeasures to emerging security threats.
- Support the delivery of robust and enterprise-wide programme on information security training for all employees and contractors.-
**Technical Competency**
- Strong change champion with the ability to master key concepts on cyber security related use cases and articulate security objectives to stakeholders across all levels.- Knowledge of technological trends and developments in the area of information security and risk management.- Project management skills; financial/budget management, scheduling and resource management, contract and vendor negotiations.
- Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
- Professional certification, such as a CISSP, CISM, CISA or other information security credentials, is preferred.- Knowledge of security and control frameworks, such as ISO 27001/2, COBIT, COSO and ITIL.
- Degree in an information security, or information technology-related field, or equivalent work
- or education-related experience.- Minimum of 10 years’ experience in a combination of risk management, information security and general technology management.

**Essential Attributes**
- Sound leadership to lead, motivate, inspire and develop team with different team dynamics.
- Strong leadership in cyber security within technology, and is seen as the go-to person on trends.
- Ability to influence develop peers and develop new talents to support Information Security initiatives.
- Ability to build strong relationships within the local financial industry is an advantage.
- Strong strategic thinking, business analysis, negotiation with demonstrated influencing skills.
- Manage and deploy resources efficiently and effectively to achieve function’s objectives. Motivate team to achieve continuous improvements in performance levels.
- High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.- Strong organizational skills and the ability to manage multiple projects wit