Cyber Security Specialist

Trust is the first of a new breed of banks in Singapore - digitally native and focused on delivering a delightful customer experience. You will work in a fast-paced and collaborative environment to solve new and interesting challenges each day. Together with our Trust team, you will help shape the future of our bank.

As a **Cyber Security Specialist** you'd be able to work on and solve many interesting challenges which we are facing, learn new ways of working, and help build delightful high quality products for our customers.

As the **Cyber Security Specialist,** you will be responsible for leading the drive the design, implementation of a comprehensive security awareness program for the organization. Working closely with various stakeholders, including product owners, marketing, risk, and compliance to develop, and executing security training and awareness initiatives that align with modern approaches to security, integrating cloud-native security designs, industry best practices and organizational policies to Foster a Security-Conscious Culture.

Additionally, you will be responsible for working with key stakeholders on managing the security risks associated with third-party vendors and partners. The main focus will be on ensuring that the organization's third-party relationships meet security standards and compliance requirements, and that any potential security risks are identified and addressed in a timely manner.

Your role would sit within the First Line of Defence Technology Risk Team in Trust and reporting to the Head of Technology and ICS Risk.

**The Role Responsibility**:
In order to be successful at the role, you must have the following:
Key Responsibilities:
Security Awareness:

- Develop and implement a security awareness program: This involves creating a comprehensive plan that includes training materials, workshops, and other resources to educate employees about security best practices.
- Conduct security training sessions: The Security Awareness Specialist will be responsible for delivering security training sessions to employees at all levels of the organization. These sessions may be conducted in person, via webinars, or through other means.
- Design and implement specific awareness campaigns: The Specialist will work with the security team to design awareness programs for target groups of users. E.g. capture the flag, security awareness month, customer awareness campaigns etc.
- Monitor and evaluate the effectiveness of the security awareness program: The Specialist will continuously monitor and evaluate the effectiveness of the program and make necessary adjustments based on feedback and changing security risks.
- Stay up-to-date with the latest security trends, threats and compliance requirements: The Specialist will keep up-to-date with the latest security trends, threats and compliance requirements and incorporate this information into the security awareness program.
- Collaborate with other departments: The Specialist will work closely with other departments, IT and HR, to ensure that the security awareness program is integrated into the overall organizational strategy.

Third-Party Security Risk:

- Manage third-party security risks: this will involve identifying and managing third-party security risks, including conducting security assessments of vendors and partners and monitoring their compliance with security policies and regulations.
- Develop and implement third-party security policies and procedures: work with the security team to develop and implement third-party security policies and procedures that align with industry standards and best practices.
- Monitor and evaluate third-party security performance: The Specialist will continuously monitor and evaluate the security performance of third-party vendors and partners and make necessary adjustments based on feedback and changing security risks.
- Collaborate with other departments: The Specialist will work closely with other departments, such as procurement and legal, to ensure that third-party security is integrated into the overall organizational strategy.
- Stay up-to-date with the latest security trends and threats: The Specialist will keep up-to-date with the latest security trends and threats related to third-party vendors and partners and incorporate this information into the third-party security program.

**Role Specific Technical Competencies**:
Skill

Target proficiency level

Security best practices, including data protection, network security, and incident response.

Expert

Communication

Expert

Project Management

Advanced
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- 5 years of experience in security awareness or a related field.
- Knowledge of security best practices, including data protection, network security, and incident response.
- Excellent communication skills, including the ability to deliver engaging and informative presentations.
- Strong project managem